Q. I’ve a Red Hat Enterprise Linux 5 server with the iptables firewall enabled. By default it is only allowing port 22. How do I open port 80 / 143 / 110 on Linux? I've started all services but don't know how to open a port using iptables.
A. By default the iptables firewall stores its configuration in the /etc/sysconfig/iptables file. You need to edit this file and add rules to open the port numbers. This file is only available under:
=> Red Hat Enterprise Linux 3 / 4 / 5 and above
=> Old Red Hat Linux versions
=> CentOS 4 and above
=> Fedora Linux
Open port 80
Open file /etc/sysconfig/iptables:
# vi /etc/sysconfig/iptables
Append rule as follows:
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
Save and close the file. Restart iptables:
# /etc/init.d/iptables restart
Open port 110
Append rule as follows:
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 110 -j ACCEPT
Open port 143
Append rule as follows:
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 143 -j ACCEPT
Restart iptables service
Type the following command:
# service iptables restart
Verify that the port is open
Run the following command to list the listening ports:
netstat -tulpn | less
Make sure iptables is allowing port 80 / 110 / 143 connections:
iptables -L -n
Refer to iptables man page for more information about iptables usage and syntax:
man iptables
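
iptables evaluates a chain from top to bottom, so an ACCEPT line that ends up after the chain's catch-all REJECT line is never reached. The shell check below is an added example, not part of the original FAQ: it reads a rules file in the /etc/sysconfig/iptables format and reports whether the ACCEPT rule for a port sits before that REJECT. The function names check_port_rule and write_sample_rules and the sample rules are constructed for illustration, and any REJECT/DROP rule without --dport is assumed to be the catch-all.

```shell
# Exit status: 0 = ACCEPT for the port comes before the catch-all REJECT/DROP
#              1 = ACCEPT exists only after it, so it is never reached
#              2 = no ACCEPT rule for the port in the chain
check_port_rule() {
    file=$1; port=$2; chain=${3:-RH-Firewall-1-INPUT}
    awk -v chain="$chain" -v port="$port" '
        $1 == "-A" && $2 == chain {
            target = ""; dport = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-j") target = $(i + 1)
                if ($i == "--dport") dport = $(i + 1)
            }
            if ((target == "REJECT" || target == "DROP") && dport == "") {
                blocked = 1    # assumed catch-all: rules after this never match
            } else if (target == "ACCEPT" && dport == port) {
                if (blocked) { late = 1 } else { ok = 1 }
            }
        }
        END { if (ok) exit 0; if (late) exit 1; exit 2 }
    ' "$file"
}

# Constructed sample in the RH-Firewall-1-INPUT layout; the port 143 rule
# was appended after the REJECT line to show the failure mode.
write_sample_rules() {
    cat > "$1" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 143 -j ACCEPT
COMMIT
EOF
}

sample=$(mktemp) && write_sample_rules "$sample"
for p in 80 110 143; do
    rc=0; check_port_rule "$sample" "$p" || rc=$?
    echo "port $p: status $rc"
done
rm -f "$sample"
```

On a real host, run check_port_rule against /etc/sysconfig/iptables for each port before restarting the service.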
- Last Updated: 09/29/07



{ 11 comments }
Save and close the file. Restart iptables:# /etc/init.d/iptables restart
How to close and save a file?????
save and close a file in VI
hit ESC
type :
type x
[ESC:X]
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 587 -j ACCEPT
hi i used this code in fedora 5 to open up the port 587 in my firewall so sendmail would work using this vi command below:
vi /etc/sysconfig/iptables
then i applied the changes and restarted the firewall as you mentioned above, ok popped up for all selections. did i do this ok? let me know and thanks. rich.
I wonder what is happening on my newly installed centos5.2 as all connections except icmp are periodically refused (up and down in a disorderly fashion)
Please advise what's wrong; action taken
#service iptables stop
#chkconfig iptables off
#chkconfig --del iptables
#mkdir /backup
#mv /etc/init.d/iptables /backup/
#mv /etc/init.d/ip6tables /backup/
#init 6
Yet the connection refused error keeps on happening from time to time (more frequently than connected)
Sam,
You must be using another firewall script such as apf. Most hosting companies install something like this.
Don’t forget to make sure the ACCEPT lines are before any REJECT lines
good site, helped me a lot to restart a port in linux 5
An application that I use has an in-built Tcl webserver that uses ports 8015/8016. Is there a way to open these ports but at the same time restrict access to only selected IP addresses?
Sweet! I needed to open a port for the Sybase database server I installed on this box. Your instructions worked perfectly. Thanks for taking the time to post these instructions.
Wayne
Thank you so much buddy. That really helped.
Or, you can just run “system-config-securitylevel” and do it the easy way. :)
I always hated iptables commands.