[CentOS] Open extra ports on firewall?
Alex White
ethericalzen at gmail.com
Fri Mar 14 16:54:51 UTC 2008
On Fri, 14 Mar 2008 17:32:08 +0100
Niki Kovacs <contact at kikinovak.net> took out a #2 pencil and
scribbled:
> Hi,
>
> I'm using the preconfigured firewall that comes with CentOS 5. I
> configure it with system-config-securitylevel-tui, close all
> ports except SSH, and then open only the ones I need.
>
> Right now, on one of my desktops, I've installed AMSN, which
> requires opening a series of ports. I've configured the app to
> use ports 7000 to 7010 (TCP and UDP). When running
> system-config-securitylevel-tui, the last line enables to define
> custom ports, not mentioned elsewhere in the menu. So, for
> example, when I want to add port 6891 for tcp and udp, I write an
> entry like this:
>
> 6891:tcp 6891:udp
>
> But what's the syntax for several ports? I tried this:
>
> 7000-7010:tcp 7000-7010:udp
>
> And then, 'service iptables status' gives me this:
>
>
> 10 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp
> dpt:4662 11 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> udp dpt:4672 12 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state
> NEW tcp pts:7000:7010 13 ACCEPT udp -- 0.0.0.0/0
> 0.0.0.0/0 state NEW udp pts:7000:7010 14 ACCEPT tcp --
> 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 15 REJECT all --
> 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
>
> Does that mean that I have opened ports 7000 to 7010? Or only
> ports 7000 and 7010? I'm not quite sure how to read this.
>
> Cheers,
>
> Niki
It means you've opened 7000 through to 7010 for udp and tcp.
--
ethericalzen at gmail.com
Life is a prison, death is a release
More information about the CentOS
mailing list