Not able to open tcp port in linux system
Not able to open tcp port in linux system - gaurav_herein - 2012-05-29

I am using RHEL 5 and my application is running on the system on port 11960. I need to connect to this port from an application running on another system, but the port is closed for the other system. Below is the information for my system:

    [root@ sysconfig]# iptables -L
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination
    ACCEPT     tcp  --  anywhere             anywhere            tcp spt:11960 state NEW,ESTABLISHED

    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination

    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination

    [root@ sysconfig]# netstat -nap | grep 11960
    tcp        0      0 127.0.0.1:11960             0.0.0.0:*                   LISTEN      2155/cm

    [root@ sysconfig]# nmap -p 11960 23.x.x.x
    Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2012-05-29 06:45 EDT
    Interesting ports on (23.x.x.x):
    PORT      STATE  SERVICE
    11960/tcp closed unknown

    [root@ sysconfig]# nmap -p 11960 127.0.0.1
    Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2012-05-29 06:45 EDT
    Interesting ports on localhost.localdomain (127.0.0.1):
    PORT      STATE SERVICE
    11960/tcp open  unknown

    [root@domU-12-31-39-10-06-32 sysconfig]# tcptraceroute -p 11960 23.x.x.x
    traceroute to 23.x.x.x (23.x.x.x), 30 hops max, 40 byte packets
     1  ip-10-72-24-2.ec2.internal (10.72.24.2)  1.370 ms  1.322 ms  1.299 ms
     2  ip-10-1-6-69.ec2.internal (10.1.6.69)  0.505 ms ip-10-1-8-69.ec2.internal (10.1.8.69)  0.501 ms  0.680 ms
     3  ip-10-1-11-14.ec2.internal (10.1.11.14)  0.843 ms ip-10-1-7-14.ec2.internal (10.1.7.14)  0.833 ms ip-10-1-9-14.ec2.internal (10.1.9.14)  0.802 ms
     4  216.182.224.209 (216.182.224.209)  0.785 ms 216.182.224.76 (216.182.224.76)  16.203 ms 216.182.232.48 (216.182.232.48)  0.737 ms
     5  216.182.232.49 (216.182.232.49)  1.306 ms  1.285 ms 216.182.224.208 (216.182.224.208)  1.252 ms
     6  23.x.x.x  2.679 ms  2.654 ms  2.629 ms

Firewall is off.

Tried:

    nc 23.x.x.x 11960

Tried adding the below when the firewall was on:

    iptables -A INPUT -i eth0 -p tcp --sport 11960 -m state --state NEW ESTABLISHED -j ACCEPT

Tried flushing the iptables: "iptables -F"

Can anyone suggest what I should check or what the problem is with this port? Is there anything that I need to add in /etc/services?

Regards,
Gaurav

Not able to open tcp port in linux system - inittux - 2012-05-29

I don't know much about iptables, haven't done anything with it yet. What I do for now is go to /etc/sysconfig. Then as root run system-config-firewall-tui. You will get a simple graphical interface where you can turn on your firewall and add a port to open in your firewall.

Not able to open tcp port in linux system - Dungeon-Dave - 2012-05-29

Quote:
    iptables -A INPUT -i eth0 -p tcp --sport 11960 -m state --state NEW ESTABLISHED -j ACCEPT

I think that should read --dport 11960 - you're interested in DESTINATION port, not SOURCE port. (Your rule is permitting incoming connections from port 11960, not connections to 11960.)

Another test to try is: "telnet localhost 11960" on that machine - see if you get any response.

Not able to open tcp port in linux system - gaurav_herein - 2012-05-30

Thanks for your help. I was able to resolve it. The problem was /etc/hosts. The entry was not proper.

Not able to open tcp port in linux system - Dungeon-Dave - 2012-05-30

Okayyy... I'm not sure why /etc/hosts would prevent firewall rules from working, but glad to see you got it all sorted!
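
Added example, not part of the thread: the netstat line in the first post shows the listener bound to 127.0.0.1:11960, and a loopback-only listener is reported as closed from other hosts whatever the firewall rules say. The script below classifies the listener's bind address and whether an ACCEPT rule matches the destination or the source port; the function names are made up for this example and the sample input is the output quoted in the first post.

```shell
#!/bin/sh
# Added example (not from the thread): read the two outputs the first post shows
# and say which layer keeps remote hosts out of a TCP port.

# listen_scope PORT < `netstat -nap` output
#   loopback = bound only to 127.x / ::1; external = wildcard or routable address
listen_scope() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            n = split($4, a, ":")
            if (a[n] != port) next
            addr = substr($4, 1, length($4) - length(a[n]) - 1)
            if (addr ~ /^127\./ || addr == "::1" || addr ~ /^::ffff:127\./) lo = 1
            else ext = 1
        }
        END { print (ext ? "external" : (lo ? "loopback" : "none")) }'
}

# accept_match PORT < `iptables -L INPUT` output
#   dport = an ACCEPT rule matches connections to PORT; sport = only from PORT
accept_match() {
    awk -v port="$1" '
        $1 == "ACCEPT" {
            for (i = 2; i <= NF; i++) {
                if ($i == ("dpt:" port)) d = 1
                if ($i == ("spt:" port)) s = 1
            }
        }
        END { print (d ? "dport" : (s ? "sport" : "none")) }'
}

# diagnose PORT NETSTAT_TEXT IPTABLES_TEXT
diagnose() {
    scope=$(printf '%s\n' "$2" | listen_scope "$1")
    match=$(printf '%s\n' "$3" | accept_match "$1")
    case "$scope" in
        none)     echo "port $1: no listener" ;;
        loopback) echo "port $1: listener is loopback-only, rebind the service (ACCEPT rule: $match)" ;;
        external) echo "port $1: listener accepts remote addresses (ACCEPT rule: $match)" ;;
    esac
}

# Sample input: the lines quoted in the first post of the thread.
THREAD_NETSTAT='tcp 0 0 127.0.0.1:11960 0.0.0.0:* LISTEN 2155/cm'
THREAD_IPTABLES='Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp spt:11960 state NEW,ESTABLISHED'

diagnose 11960 "$THREAD_NETSTAT" "$THREAD_IPTABLES"
```

An /etc/hosts entry that maps the machine's hostname to 127.0.0.1 is one way a service that binds to its hostname ends up loopback-only; that link is an assumption, since the thread does not say what the incorrect entry was.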