FC-5 iptables question
Johannes Christian
johannes.sitorus at pacomnet.com
Tue Aug 1 10:36:48 UTC 2006
Maybe you can try using telnet to the specific port,
e.g. $ telnet server_ip 53
--jo--
Peter Horst wrote:
> Sorry, kind of a dumb question. I'm trying to open a port to allow
> DNS traffic (port 53, UDP and TCP). I tried a quick nmap from outside
> my network, and though the tcp port shows up open, there's no reading
> from the udp port. How can I tell if I've opened the port correctly?
> Here's what I think is the relevant output from 'service iptables
> status' - does this look right? Thanks much...
>
> Chain RH-Firewall-1-INPUT (2 references)
> num  target  prot opt source       destination
> 1    ACCEPT  all  --  0.0.0.0/0    0.0.0.0/0
> 2    ACCEPT  icmp --  0.0.0.0/0    0.0.0.0/0    icmp type 255
> 3    ACCEPT  esp  --  0.0.0.0/0    0.0.0.0/0
> 4    ACCEPT  ah   --  0.0.0.0/0    0.0.0.0/0
> 5    ACCEPT  udp  --  0.0.0.0/0    224.0.0.251  udp dpt:5353
> 6    ACCEPT  udp  --  0.0.0.0/0    0.0.0.0/0    udp dpt:53
> 7    ACCEPT  tcp  --  0.0.0.0/0    0.0.0.0/0    tcp dpt:53
> 8    ACCEPT  udp  --  0.0.0.0/0    0.0.0.0/0    udp dpt:631
> 9    ACCEPT  tcp  --  0.0.0.0/0    0.0.0.0/0    tcp dpt:631
> 10   ACCEPT  all  --  0.0.0.0/0    0.0.0.0/0    state RELATED,ESTABLISHED
> 11   ACCEPT  tcp  --  0.0.0.0/0    0.0.0.0/0    state NEW tcp dpt:22
> 12   ACCEPT  tcp  --  0.0.0.0/0    0.0.0.0/0    state NEW tcp dpt:25
> 13   ACCEPT  tcp  --  0.0.0.0/0    0.0.0.0/0    state NEW tcp dpt:80
> 14   ACCEPT  tcp  --  0.0.0.0/0    0.0.0.0/0    state NEW tcp dpt:443
> 15   ACCEPT  tcp  --  0.0.0.0/0    0.0.0.0/0    state NEW tcp dpt:53
> 16   ACCEPT  udp  --  0.0.0.0/0    0.0.0.0/0    state NEW udp dpt:53
> 17   REJECT  all  --  0.0.0.0/0    0.0.0.0/0    reject-with icmp-host-prohibited
>
--
Regards,
Johannes Sitorus
PT Pacific Communication Networks
Wisma Indovision lt.12
Jl. Raya Panjang Z/III 11520
Tel. 021-5830-2430
Fax. 021-5830-2431