Problem opening firewall port
weedguy
5th August 2005, 20:02
I have ISPConfig installed on a Fedora Core 4 box. ISPConfig is working perfectly. However, I also want to use my computer as a samba file server. I need to open up a few firewall ports to do this. I used the ISPConfig control panel and tried to open port 137. I restarted the firewall using the control panel. Before and after I did this, I ran nmap and got the following output:
Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2005-08-05 13:54 EDT
Interesting ports on ddnsserver1.hopto.org (192.168.0.10):
(The 1644 ports scanned but not shown below are in state: closed)
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
53/tcp open domain
80/tcp open http
81/tcp open hosts2-ns
110/tcp open pop3
111/tcp open rpcbind
139/tcp open netbios-ssn
143/tcp open imap
443/tcp open https
445/tcp open microsoft-ds
734/tcp open unknown
761/tcp open kpasswd
993/tcp open imaps
995/tcp open pop3s
2049/tcp open nfs
3306/tcp open mysql
32770/tcp open sometimes-rpc3
Nmap finished: 1 IP address (1 host up) scanned in 0.253 seconds
As the listing shows, port 137 is not open. How can I open up port 137?
till
6th August 2005, 11:31
Have you installed SAMBA and started it?
falko
6th August 2005, 13:45
Have you installed SAMBA and started it?
Yes, you have to start Samba. You can run
iptables -L
to see which ports are open in the firewall.
weedguy
7th August 2005, 00:41
Samba is running and working correctly. Also, I am aware of the command iptables -L listing the ports but the installation instructions for ISPConfig instructed me to turn the firewall off. This is why I used the command nmap to show the ports that are actually open.
till
7th August 2005, 11:28
Samba is running and working correctly. Also, I am aware of the command iptables -L listing the ports but the installation instructions for ISPConfig instructed me to turn the firewall off. This is why I used the command nmap to show the ports that are actually open.
The ISPConfig firewall is an IPTables firewall.
falko
7th August 2005, 14:33
The ISPConfig firewall is an IPTables firewall.
Yes, I was thinking that you were running the ISPConfig firewall... ;)
weedguy
7th August 2005, 23:39
I was wondering if this could be an installation problem. I followed the installation instructions for Fedora Core 4. However, instead of selecting the indicated packages to install, I selected everything. Is it possible that selecting everything to install is adding something that is setting up the firewall?
falko
8th August 2005, 00:57
Is it possible that selecting everything to install is adding something that is setting up the firewall?
Maybe. Can you post the output of iptables -L here?
weedguy
8th August 2005, 15:02
I executed /etc/init.d/iptables and got: Firewall is stopped.
The output for iptables -L is:
[root@ddnsserver1 servadmin]# /sbin/iptables -L
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
DROP all -- anywhere anywhere
Chain INPUT (policy DROP)
target prot opt source destination
DROP tcp -- anywhere 127.0.0.0/8
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
DROP all -- BASE-ADDRESS.MCAST.NET/4 anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
DROP all -- anywhere anywhere
Chain INT_IN (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
DROP all -- anywhere anywhere
Chain INT_OUT (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
Chain PAROLE (10 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
Chain PUB_IN (3 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp echo-reply
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp echo-request
PAROLE tcp -- anywhere anywhere tcp dpt:ftp
PAROLE tcp -- anywhere anywhere tcp dpt:ssh
PAROLE tcp -- anywhere anywhere tcp dpt:smtp
PAROLE tcp -- anywhere anywhere tcp dpt:domain
PAROLE tcp -- anywhere anywhere tcp dpt:http
PAROLE tcp -- anywhere anywhere tcp dpt:81
PAROLE tcp -- anywhere anywhere tcp dpt:pop3
PAROLE tcp -- anywhere anywhere tcp dpt:https
PAROLE tcp -- anywhere anywhere tcp dpt:10000
PAROLE tcp -- anywhere anywhere tcp dpt:netbios-ns
ACCEPT udp -- anywhere anywhere udp dpt:domain
DROP icmp -- anywhere anywhere
DROP all -- anywhere anywhere
Chain PUB_OUT (3 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
falko
8th August 2005, 15:17
This looks like the ISPConfig firewall is running. You can control it from the web interface: Management -> Server -> Services.
weedguy
8th August 2005, 16:26
I used the ISPConfig control panel at Management->Server->Services to try and open port 137. After I tried to open the port I ran the nmap command. The nmap command shows that port 137 is still closed. This thread is asking if anyone knows why port 137 is still closed even though the ISPConfig control panel was used to open port 137.
falko
8th August 2005, 18:58
Did you start Samba? And as far as I know you should also open the ports 138 and 139 for Samba.
till
8th August 2005, 19:06
Did you start Samba? And as far as I know you should also open the ports 138 and 139 for Samba.
If I remember correctly, it is Port 137 - 139 TCP and UDP.
weedguy
9th August 2005, 17:23
The answer to the question, "why does nmap show that ports are closed when the ISPConfig says that they are open" is, don't trust nmap.
I used ISPConfig to open the following ports:
Samba 137 udp yes
Samba 138 udp yes
Samba 139 udp yes
Samba 445 udp yes
Samba 137 tcp yes
Samba 138 tcp yes
Samba 139 tcp yes
Samba 445 tcp yes
The nmap command shows that the ports are closed. However, I got on my Windows XP machine and my file share worked perfectly. The conclusion, therefore, seems to be, don't trust nmap to tell you what is actually open.
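Added example (not part of the thread): a small Python cross-check of the two outputs posted above, showing per Samba port whether the PUB_IN chain had a rule for that protocol and what the TCP scan could actually observe. The excerpts are copied from the posts; the `SERVICES` map, the `CHECK` list and the function names are this example's own.

```python
import re

# Excerpts of the nmap and `iptables -L` output posted in this thread.
NMAP_TCP = """\
111/tcp open rpcbind
139/tcp open netbios-ssn
443/tcp open https
445/tcp open microsoft-ds
"""
PUB_IN = """\
PAROLE tcp -- anywhere anywhere tcp dpt:https
PAROLE tcp -- anywhere anywhere tcp dpt:10000
PAROLE tcp -- anywhere anywhere tcp dpt:netbios-ns
ACCEPT udp -- anywhere anywhere udp dpt:domain
"""
# Names that `iptables -L` substitutes for numbers unless -n is given.
SERVICES = {"domain": 53, "https": 443, "netbios-ns": 137,
            "netbios-dgm": 138, "netbios-ssn": 139, "microsoft-ds": 445}
# 137/tcp is what was opened first; the rest is what Samba listens on.
CHECK = [("tcp", 137), ("udp", 137), ("udp", 138), ("tcp", 139), ("tcp", 445)]


def firewall_allows(chain_text):
    """Return the set of (proto, port) pairs the chain accepts."""
    allowed = set()
    for line in chain_text.splitlines():
        # PAROLE is an accept-everything chain in the posted listing.
        m = re.match(r"(?:ACCEPT|PAROLE)\s+(tcp|udp)\s.*\bdpt:(\S+)", line)
        if m:
            name = m.group(2)
            port = int(name) if name.isdigit() else SERVICES.get(name)
            if port is not None:
                allowed.add((m.group(1), port))
    return allowed


def open_tcp_ports(nmap_text):
    """Return TCP ports the scan reported as open."""
    return {int(p) for p in re.findall(r"^(\d+)/tcp\s+open\b", nmap_text, re.M)}


def explain(proto, port, allowed, open_tcp):
    rule = "rule" if (proto, port) in allowed else "no rule"
    if proto == "udp":
        scan = "not probed (default scan is TCP; UDP needs nmap -sU)"
    elif port in open_tcp:
        scan = "open"
    else:
        scan = "closed (host answered, nothing listens on this TCP port)"
    return f"{port}/{proto}: PUB_IN {rule}; scan {scan}"


if __name__ == "__main__":
    allowed, open_tcp = firewall_allows(PUB_IN), open_tcp_ports(NMAP_TCP)
    for proto, port in CHECK:
        print(explain(proto, port, allowed, open_tcp))
```

Ports 139 and 445 come out as open with no PUB_IN rule, so by the posted listing those probes were accepted before reaching PUB_IN; `iptables -L -n -v` adds the interface columns that show which interface the earlier `ACCEPT all` rule in INPUT applies to.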
KenMcGinnis
11th August 2005, 22:28
Many of the EXE files on my web sites keep getting infected with this virus. I tried to turn the ISPConfig firewall on and block the port but now I can't even access the ISPConfig admin web site.
1. How do I stop the ISPConfig firewall from the command line?
2. How can I access the ISPConfig admin screen without going through a browser?
falko
12th August 2005, 01:05
1. How do I stop the ISPConfig firewall from the command line?
/etc/init.d/bastille-firewall stop
2. How can I access the ISPConfig admin screen without going through a browser?
You cannot access it at all then...
You cannot block the ports 81 (ISPConfig) and 22 (SSH) from the ISPConfig web interface, so something weird must be going on on your system.