Hi,

I'm using the preconfigured firewall that comes with CentOS 5. I configure it with system-config-securitylevel-tui, close all ports except SSH, and then open only the ones I need.

Right now, on one of my desktops, I've installed AMSN, which requires opening a series of ports. I've configured the app to use ports 7000 to 7010 (TCP and UDP). When running system-config-securitylevel-tui, the last line enables to define custom ports, not mentioned elsewhere in the menu. So, for example, when I want to add port 6891 for tcp and udp, I write an entry like this:

    6891:tcp 6891:udp

But what's the syntax for several ports? I tried this:

    7000-7010:tcp 7000-7010:udp

And then, 'service iptables status' gives me this:

    10 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:4662
    11 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:4672
    12 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp pts:7000:7010
    13 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp pts:7000:7010
    14 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
    15 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited

Does that mean that I have opened ports 7000 to 7010? Or only ports 7000 and 7010? I'm not quite sure how to read this.

Cheers,

Niki

On 14/03/2008, Niki Kovacs <contact at kikinovak.net> wrote:
> Does that mean that I have opened ports 7000 to 7010? Or only ports 7000
> and 7010? I'm not quite sure how to read this.

Could you use something like nmap to check the open ports?

Alan.

On Fri, 14 Mar 2008 17:32:08 +0100 Niki Kovacs <contact at kikinovak.net> took out a #2 pencil and scribbled:
> Hi,
>
> I'm using the preconfigured firewall that comes with CentOS 5. I
> configure it with system-config-securitylevel-tui, close all
> ports except SSH, and then open only the ones I need.
>
> Right now, on one of my desktops, I've installed AMSN, which
> requires opening a series of ports. I've configured the app to
> use ports 7000 to 7010 (TCP and UDP). When running
> system-config-securitylevel-tui, the last line enables to define
> custom ports, not mentioned elsewhere in the menu. So, for
> example, when I want to add port 6891 for tcp and udp, I write an
> entry like this:
>
> 6891:tcp 6891:udp
>
> But what's the syntax for several ports? I tried this:
>
> 7000-7010:tcp 7000-7010:udp
>
> And then, 'service iptables status' gives me this:
>
> 10 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:4662
> 11 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:4672
> 12 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp pts:7000:7010
> 13 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp pts:7000:7010
> 14 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
> 15 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
>
> Does that mean that I have opened ports 7000 to 7010? Or only
> ports 7000 and 7010? I'm not quite sure how to read this.
>
> Cheers,
>
> Niki

It means you've opened 7000 through to 7010 for udp and tcp.

-- 
ethericalzen at gmail.com
Life is a prison, death is a release

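How to read the listing discussed above, as an added example that is not part of the original thread: iptables prints a single destination port as dpt:N and an inclusive range as dpts:LOW:HIGH, and rules are evaluated in order until the first match. The helper name `accepted_ports` is hypothetical, the sample is constructed from the rule lines in the post, and every rule is assumed to match any source and destination.

```python
import re

# Constructed sample: the rule lines from the post, one rule per line, with the
# range written as iptables prints it (dpts:LOW:HIGH).
SAMPLE = """\
10 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:4662
11 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:4672
12 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpts:7000:7010
13 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpts:7000:7010
14 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
15 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
"""

# dpt:N is one destination port, dpts:LOW:HIGH an inclusive range.
# "pts:" is also accepted because that is how the range appears in the post.
PORT_SPEC = re.compile(r"\b(?:dpts?|pts):(\d+)(?::(\d+))?")


def accepted_ports(status_text):
    """Return {"tcp": set, "udp": set} of ports accepted by the listing.

    Hypothetical helper. Assumes every rule matches any source and
    destination (0.0.0.0/0), as in the post.
    """
    allowed = {"tcp": set(), "udp": set()}
    for line in status_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or not fields[0].isdigit():
            continue  # chain headers, column titles, blank lines
        target, proto = fields[1], fields[2]
        spec = PORT_SPEC.search(line)
        if target in ("REJECT", "DROP") and proto == "all" and spec is None:
            break  # first match wins: rules after a catch-all are never reached
        if target != "ACCEPT" or proto not in allowed or spec is None:
            continue
        low = int(spec.group(1))
        high = int(spec.group(2) or low)  # dpt:N is the range N..N
        allowed[proto].update(range(low, high + 1))
    return allowed


if __name__ == "__main__":
    for proto, ports in accepted_ports(SAMPLE).items():
        print(proto, sorted(ports))
```

Feeding it the real output of 'service iptables status' gives the full set of ports the port-based ACCEPT rules expose, which can be compared with the list of ports that were meant to be open.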
On Friday 14 March 2008 12:32, Niki Kovacs wrote:
> Right now, on one of my desktops, I've installed AMSN, which requires
> opening a series of ports. I've configured the app to use ports 7000 to
> 7010 (TCP and UDP). When running system-config-securitylevel-tui, the
> last line enables to define custom ports, not mentioned elsewhere in the
> menu. So, for example, when I want to add port 6891 for tcp and udp, I
> write an entry like this:

Check out this site. It's a tutorial for IPTables.

http://iptables.rlworkman.net/chunkyhtml/index.html

-- 
Regards
Robert

Smile... it increases your face value!
Linux User #296285 http://counter.li.org