[rhn-users] open a port in iptables

Richard Riley rriley at ariba.com
Mon May 5 16:11:15 UTC 2008


Looks like your new rules are after the "REJECT ALL", so they will
never be considered.

Richard Riley
Ariba.com

> >-----Original Message-----
> >From: rhn-users-bounces at redhat.com 
> >[mailto:rhn-users-bounces at redhat.com] On Behalf Of 
> >dlederer at hilltowncharter.org
> >Sent: Monday, May 05, 2008 9:23 AM
> >To: rhn-users at redhat.com
> >Subject: [rhn-users] open a port in iptables
> >
> >
> >Hi,
> >I'm simply trying to open port 497 so I can use Retrospect 
> >backup client on a RHEL 4 box.
> >Below is the iptable edited for port 497 (udp and tcp). What 
> >might I be doing wrong? A port scan from another machine on 
> >the network can't see it open.
> >Thanks for your help!
> >Dan
> >
> >[root at host sysconfig]# vi system-config-securitylevel
> >
> >[2]+  Stopped                 vi system-config-securitylevel
> >[root at host sysconfig]# service iptables status
> >Table: filter
> >Chain INPUT (policy ACCEPT)
> >target     prot opt source               destination
> >RH-Firewall-1-INPUT  all  --  0.0.0.0/0            0.0.0.0/0
> >
> >Chain FORWARD (policy ACCEPT)
> >target     prot opt source               destination
> >RH-Firewall-1-INPUT  all  --  0.0.0.0/0            0.0.0.0/0
> >
> >Chain OUTPUT (policy ACCEPT)
> >target     prot opt source               destination
> >
> >Chain RH-Firewall-1-INPUT (2 references)
> >target     prot opt source               destination
> >ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
> >ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 255
> >ACCEPT     esp  --  0.0.0.0/0            0.0.0.0/0
> >ACCEPT     ah   --  0.0.0.0/0            0.0.0.0/0
> >ACCEPT     udp  --  0.0.0.0/0            224.0.0.251         udp dpt:5353
> >ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:631
> >ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
> >ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:80
> >ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:443
> >ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:21
> >ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
> >ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:25
> >ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:110
> >REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited
> >ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:497
> >ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:5900
> >ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:497
> >
> >
> >[root at host sysconfig]#  service iptables restart
> >Flushing firewall rules:                                   [  OK  ]
> >Setting chains to policy ACCEPT: filter                    [  OK  ]
> >Unloading iptables modules:                                [  OK  ]
> >Applying iptables firewall rules:                          [  OK  ]
> >[root at host sysconfig]#
> >
> >_______________________________________________
> >rhn-users mailing list
> >rhn-users at redhat.com
> >https://www.redhat.com/mailman/listinfo/rhn-users
> >
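
Added example (not part of either message): a Python check for the ordering problem described in the reply, flagging rules that follow an unconditional ACCEPT/DROP/REJECT in the same chain and moving them ahead of it. It assumes rules in iptables-save syntax; the sample ruleset and the function names are constructed for illustration.

```python
# Constructed sample in iptables-save syntax (the format of /etc/sysconfig/iptables),
# with the same ordering mistake as the chain listed in the thread.
SAMPLE = """\
*filter
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 497 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 497 -j ACCEPT
COMMIT
"""

TERMINAL = {"ACCEPT", "DROP", "REJECT"}  # targets that end chain traversal

def is_catch_all(tokens):
    """True for '-A CHAIN -j TARGET [--reject-with X]', i.e. no match criteria."""
    rest = tokens[2:]
    if len(rest) < 2 or rest[0] != "-j" or rest[1] not in TERMINAL:
        return False
    extra = rest[2:]
    return not extra or (len(extra) == 2 and extra[0] == "--reject-with")

def find_shadowed(ruleset):
    """Return (line_no, rule, catch_all_line_no) for each rule that can never match."""
    closed, shadowed = {}, []  # closed: chain -> line of its first catch-all
    for no, line in enumerate(ruleset.splitlines(), 1):
        tokens = line.split()
        if line.startswith("*"):
            closed = {}  # chain names are scoped per table
        if len(tokens) < 3 or tokens[0] != "-A":
            continue
        if tokens[1] in closed:
            shadowed.append((no, line, closed[tokens[1]]))
        elif is_catch_all(tokens):
            closed[tokens[1]] = no
    return shadowed

def move_before_catch_all(ruleset):
    """Return the ruleset with each shadowed rule moved to just before its catch-all."""
    shadowed = find_shadowed(ruleset)
    skip = {no for no, _, _ in shadowed}
    out = []
    for no, line in enumerate(ruleset.splitlines(), 1):
        if no not in skip:
            out.extend(rule for _, rule, at in shadowed if at == no)
            out.append(line)
    return "\n".join(out) + "\n"

if __name__ == "__main__":
    for no, rule, at in find_shadowed(SAMPLE):
        print(f"line {no} is unreachable (catch-all on line {at}): {rule}")
```

The iptables-save form is used because it lists every match option, so a rule counts as a catch-all only when it has none.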