On Fri, 14 Mar 2008 17:32:08 +0100 Niki Kovacs <contact@kikinovak.net> took out a #2 pencil and scribbled:
Hi,
I'm using the preconfigured firewall that comes with CentOS 5. I configure it with system-config-securitylevel-tui, close all ports except SSH, and then open only the ones I need.
Right now, on one of my desktops, I've installed AMSN, which requires opening a series of ports. I've configured the app to use ports 7000 to 7010 (TCP and UDP). When running system-config-securitylevel-tui, the last line lets you define custom ports not mentioned elsewhere in the menu. So, for example, when I want to add port 6891 for tcp and udp, I write an entry like this:
6891:tcp 6891:udp
But what's the syntax for several ports? I tried this:
7000-7010:tcp 7000-7010:udp
And then, 'service iptables status' gives me this:
10 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:4662
11 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:4672
12 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp pts:7000:7010
13 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp pts:7000:7010
14 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
15 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Does that mean that I have opened ports 7000 to 7010? Or only ports 7000 and 7010? I'm not quite sure how to read this.
Cheers,
Niki
It means you've opened 7000 through to 7010 for udp and tcp.
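
To check a listing like the one above without reading it by eye, the following sketch expands each ACCEPT rule into the ports it actually opens. It is an added example, not part of the original thread; the function name `accepted_ports` is hypothetical, and the regex accepts the `pts:` spelling shown in the quoted output as well as the `dpts:` form iptables normally prints for destination port ranges.

```python
import re

# Constructed sample: the rule listing quoted in the thread, one rule per line.
STATUS = """\
10 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:4662
11 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:4672
12 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp pts:7000:7010
13 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp pts:7000:7010
14 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
15 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
"""

# dpt:N is a single destination port; dpts:LOW:HIGH is an inclusive range.
# The leading "d" is optional only because the quoted output shows "pts:".
# The \b keeps source-port matches (spt:/spts:) from being counted.
PORT_RE = re.compile(r"\bd?pts?:(\d+)(?::(\d+))?")


def accepted_ports(listing):
    """Return {protocol: sorted destination ports} opened by ACCEPT rules."""
    opened = {}
    for line in listing.splitlines():
        fields = line.split()
        # Columns: rule number, target, protocol, ...
        if len(fields) < 3 or fields[1] != "ACCEPT":
            continue
        match = PORT_RE.search(line)
        if not match:
            continue  # ACCEPT rule with no destination-port match
        low = int(match.group(1))
        high = int(match.group(2) or low)
        opened.setdefault(fields[2], set()).update(range(low, high + 1))
    return {proto: sorted(ports) for proto, ports in opened.items()}


if __name__ == "__main__":
    for proto, ports in accepted_ports(STATUS).items():
        print(proto, ports)
```

Run against the quoted rules, every port from 7000 to 7010 shows up for both tcp and udp, which makes it easy to compare what the firewall exposes with what was intended.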