Dave Perrett

Opening a Port on Linux

iptables, linux, security

  • Check whether the port is in use (testing port 3000 in this example):
      bash$ netstat -na | grep 3000
  • If the port is in use, then most likely it is the software firewall blocking you. You can check by running:
      bash$ sudo /sbin/iptables -L
  • Check for the port. If it isn’t listed, you will need to add it:
      bash$ sudo vi /etc/sysconfig/iptables
  • Copy one of the other lines that allows a connection to a port (--dport), and edit it to allow access to your new port.
  • Save the file.
  • Restart iptables:
      bash$ sudo /sbin/service iptables restart

Example /etc/sysconfig/iptables (for RedHat)

# Firewall configuration written by redhat-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 3000:3005 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
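
Rule order matters when adding a line as described in the steps above: iptables evaluates a chain from top to bottom, so an ACCEPT line placed after the final REJECT line never matches. The check below is an added example, not part of the original post; the port_allowed function and the sample rules (including port 9000) are constructed for illustration, and it covers only TCP --dport rules in a single chain.

```shell
#!/bin/sh
# Added example, not from the original post. Simplification: one chain, TCP only,
# and source (-s) restrictions are ignored.

# port_allowed FILE PORT: exit 0 if an ACCEPT rule with a matching --dport
# appears before the first port-less REJECT/DROP (the catch-all), else exit 1.
port_allowed() {
    awk -v port="$2" '
        /^-A / {
            dport = ""; target = ""; tcp = 0
            for (i = 1; i < NF; i++) {
                if ($i == "--dport") dport = $(i + 1)
                if ($i == "-j") target = $(i + 1)
                if ($i == "-p" && $(i + 1) == "tcp") tcp = 1
            }
            if (dport == "") {
                # No port match: a REJECT/DROP here ends the useful rules.
                if (target == "REJECT" || target == "DROP") exit
                next
            }
            n = split(dport, r, ":")            # "3000:3005" is a range
            lo = r[1] + 0
            hi = (n == 2 ? r[2] : r[1]) + 0
            if (tcp && port + 0 >= lo && port + 0 <= hi) {
                found = (target == "ACCEPT")
                exit
            }
        }
        END { exit (found ? 0 : 1) }
    ' "$1"
}

# Constructed sample: the 9000 rule was appended after the REJECT line.
SAMPLE=$(mktemp)
trap 'rm -f "$SAMPLE"' EXIT
cat > "$SAMPLE" <<'EOF'
*filter
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 3000:3005 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 9000 -j ACCEPT
COMMIT
EOF

for p in 3000 3005 3006 9000; do
    if port_allowed "$SAMPLE" "$p"; then echo "$p: accepted"; else echo "$p: rejected"; fi
done
```

Run against the sample, ports 3000 and 3005 are reported as accepted, while 3006 and 9000 are rejected: 3006 is outside the range and the 9000 rule sits below the REJECT line.
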
namespace :compass do

  desc 'Delete temporary compass files'
  task :clean do
    system "rm -fR css/*"
  end

  desc 'Run the compass watch script'
  task :watch do
    system "compass watch"
  end

  desc 'Compile sass scripts'
  task :compile => [:clean] do
    system "compass compile"
  end

end