I'm running CentOS-6 on an HP MicroServer (since this morning) and I'd like to open an non-standard port, for use on a laptop attached to the internet through the server.
Do I have to explicitly add an iptables rule? If so, and I want to open (say) udp port 500 , what command should I give?
I've always used shorewall in the past, and will probably do so now if the default firewall is difficult to use. But I thought I would try it first as an experiment.
My recollection is that in old versions of CentOS one could non-standard ports through system-config-firewall ; but it seems that now this can only be used for standard ports;
I looked at http://wiki.centos.org/HowTos/Network/IPTables but didn't find it very enlightening.
Any advice or suggestions gratefully received.
Timothy Murphy wrote:
I'm running CentOS-6 on an HP MicroServer (since this morning) and I'd like to open an non-standard port, for use on a laptop attached to the internet through the server.
Do I have to explicitly add an iptables rule? If so, and I want to open (say) udp port 500 , what command should I give?
I've always used shorewall in the past, and will probably do so now if the default firewall is difficult to use. But I thought I would try it first as an experiment.
My recollection is that in old versions of CentOS one could non-standard ports through system-config-firewall ; but it seems that now this can only be used for standard ports;
I looked at http://wiki.centos.org/HowTos/Network/IPTables but didn't find it very enlightening.
Any advice or suggestions gratefully received.
Use System -> Administration -> Firewall from GUI. Or "/usr/bin/system-config-firewall" from SSH/console TUI.
Ljubomir
At 08:53 AM 7/17/2011, you wrote:
Timothy Murphy wrote:
I'm running CentOS-6 on an HP MicroServer (since this morning) and I'd like to open an non-standard port, for use on a laptop attached to the internet through the server.
(snip)
Any advice or suggestions gratefully received.
Use System -> Administration -> Firewall from GUI. Or "/usr/bin/system-config-firewall" from SSH/console TUI.
Ljubomir
I loaded my system with text-install and network, and find no file named "/usr/bin/system-config-firewall". My guess is that it comes with a package that I haven't installed. Can you identify that package?
Thanks David
On Sun, Jul 17, 2011 at 6:05 PM, david david@daku.org wrote:
At 08:53 AM 7/17/2011, you wrote:
Timothy Murphy wrote:
I'm running CentOS-6 on an HP MicroServer (since this morning) and I'd like to open an non-standard port, for use on a laptop attached to the internet through the server.
(snip)
Any advice or suggestions gratefully received.
Use System -> Administration -> Firewall from GUI. Or "/usr/bin/system-config-firewall" from SSH/console TUI.
Ljubomir
I loaded my system with text-install and network, and find no file named "/usr/bin/system-config-firewall". My guess is that it comes with a package that I haven't installed. Can you identify that package?
Thanks David
yum install system-config-network
Timothy Murphy wrote:
I'm running CentOS-6 on an HP MicroServer (since this morning) and I'd like to open an non-standard port, for use on a laptop attached to the internet through the server.
Do I have to explicitly add an iptables rule? If so, and I want to open (say) udp port 500 , what command should I give?
...
My recollection is that in old versions of CentOS one could non-standard ports through system-config-firewall ; but it seems that now this can only be used for standard ports;
Apologies. There is a perfectly clear option "Other Ports" on running system-config-firewall as root.
There does seem to be a bug/feature: if you enter the same procedure by Administration=>Firewall (in KDE) you cannot make any changes (at least I could not) even after giving the superuser password, when requested.
Timothy Murphy wrote:
There does seem to be a bug/feature: if you enter the same procedure by Administration=>Firewall (in KDE) you cannot make any changes (at least I could not) even after giving the superuser password, when requested.
You should reported as a bug, either to bugs.centos.org or on Red Hat's bugzilla.