HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials


rbartz 10th November 2012 08:25

Firewall Not Opening Ports
 
I am having a problem opening ports 1935 and 5080 for media streaming.

I used The Perfect Server - CentOS 6.3 x86_64 setup, and after a few blips all the normal stuff is running right. (Found out again that phpMyAdmin is not the same as phpmyadmin!)

Anyway, after setting ispconfig3 to open those two ports, I get this with iptables -L -n
===================================================
Chain INPUT (policy DROP)
target prot opt source destination
DROP tcp -- 0.0.0.0/0 127.0.0.0/8
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
DROP all -- 224.0.0.0/4 0.0.0.0/0
PUB_IN all -- 0.0.0.0/0 0.0.0.0/0
PUB_IN all -- 0.0.0.0/0 0.0.0.0/0
PUB_IN all -- 0.0.0.0/0 0.0.0.0/0
PUB_IN all -- 0.0.0.0/0 0.0.0.0/0
PUB_IN all -- 0.0.0.0/0 0.0.0.0/0
DROP all -- 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
DROP all -- 0.0.0.0/0 0.0.0.0/0

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
PUB_OUT all -- 0.0.0.0/0 0.0.0.0/0
PUB_OUT all -- 0.0.0.0/0 0.0.0.0/0
PUB_OUT all -- 0.0.0.0/0 0.0.0.0/0
PUB_OUT all -- 0.0.0.0/0 0.0.0.0/0
PUB_OUT all -- 0.0.0.0/0 0.0.0.0/0

Chain INT_IN (0 references)
target prot opt source destination
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
DROP all -- 0.0.0.0/0 0.0.0.0/0

Chain INT_OUT (0 references)
target prot opt source destination
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0

Chain PAROLE (19 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0

Chain PUB_IN (5 references)
target prot opt source destination
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 11
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:20
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:21
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:81
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:110
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:143
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:993
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:995
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:1935
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:3306
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5080
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8080
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8081
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:10000
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:10001
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:3306
DROP icmp -- 0.0.0.0/0 0.0.0.0/0
DROP all -- 0.0.0.0/0 0.0.0.0/0

Chain PUB_OUT (5 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0

Chain fail2ban-Dovecot (0 references)
target prot opt source destination

Chain fail2ban-SMTP (0 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0

Chain fail2ban-SSH (0 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0
===============================================
Looks like the ports are set right there.

However, with Nmap I get this:
==================================================
#nmap -sS 127.0.0.1

Starting Nmap 5.51 ( http://nmap.org ) at 2012-11-09 16:19 MST
Nmap scan report for 69-64-65-69.phx.dedicated.codero.com (127.0.0.1)
Host is up (0.0000050s latency).
Not shown: 983 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
53/tcp open domain
80/tcp open http
110/tcp open pop3
111/tcp open rpcbind
143/tcp open imap
443/tcp open https
631/tcp open ipp
993/tcp open imaps
995/tcp open pop3s
3306/tcp open mysql
8080/tcp open http-proxy
8081/tcp open blackice-icecap
10001/tcp open scp-config
10025/tcp open unknown

Nmap done: 1 IP address (1 host up) scanned in 0.08 seconds
==================================================
telnet localhost 5080 says connection refused. The ports are not open...

Any ideas? Thanks!

Richard

rbartz 10th November 2012 14:11

Found The Problem
 
After thinking about this a bit, I realized Nmap will not show a port open unless something is there to answer.......

The problem was with the red5 server script: the base directory was not right, so it was creating the pid file but not actually starting from the /etc/init.d/red5 script.

Fixed the script and all was good.

Sorry to bother you guys!

Richard
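
The check this thread arrives at, as an added example that is not part of the original posts: cross-reference the TCP ports the PUB_IN chain allows with whether anything actually answers on them. A refused connection means the packet reached the host and no service was listening, whereas a packet dropped by the firewall would time out. The function names and the sample listing are constructed for illustration, and PAROLE is treated as an accepting target because that is how the listing above defines it.

```python
import errno
import re
import socket

# Constructed sample: a few PUB_IN lines in the format of the `iptables -L -n` output above.
SAMPLE_RULES = """\
Chain PUB_IN (5 references)
target prot opt source destination
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:1935
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5080
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53
DROP all -- 0.0.0.0/0 0.0.0.0/0
"""

def allowed_tcp_ports(listing, chain="PUB_IN", targets=("ACCEPT", "PAROLE")):
    """Return the TCP destination ports that `chain` hands to an accepting target."""
    ports, in_chain = set(), False
    for line in listing.splitlines():
        if line.startswith("Chain "):
            in_chain = line.split()[1] == chain
            continue
        m = re.search(r"^(\S+)\s+tcp\s.*\btcp dpt:(\d+)", line)
        if in_chain and m and m.group(1) in targets:
            ports.add(int(m.group(2)))
    return ports

def probe(port, host="127.0.0.1", timeout=1.0):
    """Classify a TCP port as 'open', 'refused' (nothing listening) or 'filtered'."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            rc = s.connect_ex((host, port))
        except socket.timeout:
            return "filtered"
    if rc == 0:
        return "open"
    if rc == errno.ECONNREFUSED:
        return "refused"
    return "filtered"  # timeout or unreachable: no answer came back from the port

def allowed_but_not_listening(listing, host="127.0.0.1"):
    """Ports the firewall allows where no service answers: a service problem, not a rule problem."""
    return sorted(p for p in allowed_tcp_ports(listing) if probe(p, host) == "refused")

if __name__ == "__main__":
    for port in sorted(allowed_tcp_ports(SAMPLE_RULES)):
        print(port, probe(port))
```

On a live server, pass the real `iptables -L -n` output as `listing`; any port the function returns needs its daemon checked rather than its firewall rule.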

