#1  
Old 29th April 2008, 15:43
thehappyappy thehappyappy is offline
Junior Member
 
Join Date: Apr 2008
Posts: 7
Thanks: 0
Thanked 0 Times in 0 Posts
Opening TCP ports

I'm not sure if this is the right place for this post, but I'd be grateful if somebody could please help me. I'm trying to open ports 999, 1982 and 1983 but am not having much luck. I used
iptables -A INPUT -i eth0 -p tcp --sport 999 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --sport 1982 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --sport 1983 -m state --state NEW,ESTABLISHED -j ACCEPT
to open the ports but haven't been successful. I was told to make sure that your server TCP ports: 999, 1982, 1983 are fully open inbound and outbound and that destination IP address for those ports is 72.232.181.106.
I've been trying for ages to get these ports open, but haven't had any luck.
This is the first time I've ever used a dedicated server and I am very new to all of this, so I apologise in advance for lack of knowledge.

Thanks

If it helps after I tried to open the ports I ran iptables -L and this is the result:
Quote:
[root@localhost ~]# iptables -A INPUT -i eth0 -p tcp --sport 999 -m state --state NEW,ESTABLISHED -j ACCEPT
[root@localhost ~]# iptables -A INPUT -i eth0 -p tcp --sport 1982 -m state --state NEW,ESTABLISHED -j ACCEPT
[root@localhost ~]# iptables -A INPUT -i eth0 -p tcp --sport 1983 -m state --state NEW,ESTABLISHED -j ACCEPT
[root@localhost ~]# iptables-save
# Generated by iptables-save v1.3.5 on Tue Apr 29 14:42:10 2008
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [13:754]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -p tcp -m tcp --dport 1983 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 1982 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 999 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -m state --state NEW -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 53 -m state --state NEW -j ACCEPT
-A INPUT -p udp -m udp --dport 69 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 69 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 110 -m state --state NEW -j ACCEPT
-A INPUT -p udp -m udp --dport 123 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 20 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 21 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3306 -m state --state NEW -j ACCEPT
-A INPUT -p udp -m udp --dport 3306 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5555 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8002 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 9001 -m state --state NEW -j ACCEPT
-A INPUT -j DROP
-A INPUT -i eth0 -p tcp -m tcp --sport 999 -m state --state ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 1982 -m state --state ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 1983 -m state --state ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 999 -m state --state NEW,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 1982 -m state --state NEW,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 1983 -m state --state NEW,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 999 -m state --state NEW,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 1982 -m state --state NEW,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 1983 -m state --state NEW,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 999 -m state --state NEW,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 1982 -m state --state NEW,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 1983 -m state --state NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
COMMIT
# Completed on Tue Apr 29 14:42:10 2008
[root@localhost ~]# iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:lhtp
ACCEPT tcp -- anywhere anywhere tcp dpt:estamp
ACCEPT tcp -- anywhere anywhere tcp dpt:garcon
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:http state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:https state NEW
ACCEPT udp -- anywhere anywhere udp dpt:domain state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:domain state NEW
ACCEPT udp -- anywhere anywhere udp dpt:tftp state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:tftp state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3 state NEW
ACCEPT udp -- anywhere anywhere udp dpt:ntp state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:ftp-data state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:ftp state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:mysql state NEW
ACCEPT udp -- anywhere anywhere udp dpt:mysql state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:personal-agent state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:teradataordbms state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:etlservicemgr state NEW
DROP all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere tcp spt:garcon state ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp spt:estamp state ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp spt:lhtp state ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp spt:garcon state NEW,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp spt:estamp state NEW,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp spt:lhtp state NEW,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp spt:garcon state NEW,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp spt:estamp state NEW,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp spt:lhtp state NEW,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp spt:garcon state NEW,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp spt:estamp state NEW,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp spt:lhtp state NEW,ESTABLISHED

Chain FORWARD (policy DROP)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state NEW,RELATED,ESTABLISHED

Chain RH-Firewall-1-INPUT (0 references)
target prot opt source destination
[root@localhost ~]#
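Added example (not part of the original thread): a shell function that reads `iptables-save` output and reports the two problems visible in the ruleset posted above. Rules appended after the unconditional `-A INPUT -j DROP` are never evaluated, and a `--sport` rule that accepts `NEW` connections would admit any remote host that picks that source port instead of opening a local port. The function names and the abridged sample ruleset are constructed for this illustration.

```shell
#!/bin/sh
# Added illustration, not code from the thread. Function names are hypothetical.

# Constructed sample: an abridged copy of the iptables-save output in post #1.
sample_ruleset() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [13:754]
-A INPUT -p tcp -m tcp --dport 999 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT
-A INPUT -j DROP
-A INPUT -i eth0 -p tcp -m tcp --sport 999 -m state --state ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --sport 999 -m state --state NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
}

# Read iptables-save text on stdin and print one finding per line:
#   UNREACHABLE  rule sits below an unconditional ACCEPT/DROP/REJECT in its chain
#   SPORT-NEW    INPUT rule accepts NEW connections matched only by source port
audit_ruleset() {
    awk '
    $1 != "-A" { next }                     # skip table, policy and COMMIT lines
    {
        chain = $2
        pos[chain]++                        # 1-based position within the chain

        if (chain in cut)
            # A catch-all was already seen: first match wins, so this rule is dead.
            printf "UNREACHABLE %s rule %d (after catch-all rule %d): %s\n",
                   chain, pos[chain], cut[chain], $0
        else if (NF == 4 && $3 == "-j" && $4 ~ /^(ACCEPT|DROP|REJECT)$/)
            # "-A CHAIN -j TARGET" with no match criteria ends the chain.
            cut[chain] = pos[chain]

        # --sport matches the port of the remote sender, not the local service.
        if (chain == "INPUT" && /-j ACCEPT/ && /--sport / && !/--dport / &&
            /--state [A-Z,]*NEW/)
            printf "SPORT-NEW %s rule %d: %s\n", chain, pos[chain], $0
    }'
}

sample_ruleset | audit_ruleset
```

On a live host the input would be `iptables-save | audit_ruleset`. A rule that must take effect has to sit above the catch-all, which `iptables -I INPUT <rulenum> ...` does and `-A` cannot.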
  #2  
Old 30th April 2008, 16:03
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,722 Times in 2,563 Posts
Default

What firewall software are you using (e.g. shorewall, Bastille, etc.)? I think you can enable these ports somewhere in the configuration of your firewall software.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
  #3  
Old 30th April 2008, 16:16
thehappyappy thehappyappy is offline

I'm not sure what Firewall I'm using - how do I find out?
I used vi /etc/sysconfig/iptables to check which ports are open. The output I got was:
Code:
# Generated by iptables-save v1.3.5 on Tue Apr 29 19:02:13 2008
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 999 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 1982 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 1983 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -m state --state NEW -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 53 -m state --state NEW -j ACCEPT
-A INPUT -p udp -m udp --dport 69 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 69 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 110 -m state --state NEW -j ACCEPT
-A INPUT -p udp -m udp --dport 123 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 20 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 21 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3306 -m state --state NEW -j ACCEPT
"/etc/sysconfig/iptables" 32L, 1702C
  #4  
Old 1st May 2008, 20:29
falko falko is offline

Quote:
Originally Posted by thehappyappy
I'm not sure what Firewall I'm using - how do I find out?

What are the outputs of
Code:
ps aux
and
Code:
ls -l /etc/init.d/
?
  #5  
Old 1st May 2008, 20:41
thehappyappy thehappyappy is offline

Sorry I don't know and don't quite understand your question.
  #6  
Old 2nd May 2008, 15:21
falko falko is offline

Please run the command
Code:
ps aux
and post the output of that command here. Do the same for the other command.
  #7  
Old 2nd May 2008, 16:24
thehappyappy thehappyappy is offline

The output for ps aux is:
Code:
[root@localhost ~]# ps aux
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root         1  0.0  0.1   2040   668 ?        Ss   Apr29   0:00 init [3]      
root         2  0.0  0.0      0     0 ?        S    Apr29   0:00 [migration/0]
root         3  0.0  0.0      0     0 ?        SN   Apr29   0:00 [ksoftirqd/0]
root         4  0.0  0.0      0     0 ?        S    Apr29   0:00 [watchdog/0]
root         5  0.0  0.0      0     0 ?        S    Apr29   0:00 [migration/1]
root         6  0.0  0.0      0     0 ?        SN   Apr29   0:00 [ksoftirqd/1]
root         7  0.0  0.0      0     0 ?        S    Apr29   0:00 [watchdog/1]
root         8  0.0  0.0      0     0 ?        S<   Apr29   0:00 [events/0]
root         9  0.0  0.0      0     0 ?        S<   Apr29   0:00 [events/1]
root        10  0.0  0.0      0     0 ?        S<   Apr29   0:00 [khelper]
root        11  0.0  0.0      0     0 ?        S<   Apr29   0:00 [kthread]
root        15  0.0  0.0      0     0 ?        S<   Apr29   0:00 [kblockd/0]
root        16  0.0  0.0      0     0 ?        S<   Apr29   0:00 [kblockd/1]
root        17  0.0  0.0      0     0 ?        S<   Apr29   0:00 [kacpid]
root       119  0.0  0.0      0     0 ?        S<   Apr29   0:00 [cqueue/0]
root       120  0.0  0.0      0     0 ?        S<   Apr29   0:00 [cqueue/1]
root       123  0.0  0.0      0     0 ?        S<   Apr29   0:00 [khubd]
root       125  0.0  0.0      0     0 ?        S<   Apr29   0:00 [kseriod]
root       192  0.0  0.0      0     0 ?        S    Apr29   0:00 [pdflush]
root       193  0.0  0.0      0     0 ?        S    Apr29   0:00 [pdflush]
root       194  0.0  0.0      0     0 ?        S<   Apr29   0:00 [kswapd0]
root       195  0.0  0.0      0     0 ?        S<   Apr29   0:00 [aio/0]
root       196  0.0  0.0      0     0 ?        S<   Apr29   0:00 [aio/1]
root       354  0.0  0.0      0     0 ?        S<   Apr29   0:00 [kpsmoused]
root       387  0.0  0.0      0     0 ?        S<   Apr29   0:00 [ata/0]
root       388  0.0  0.0      0     0 ?        S<   Apr29   0:00 [ata/1]
root       389  0.0  0.0      0     0 ?        S<   Apr29   0:00 [ata_aux]
root       393  0.0  0.0      0     0 ?        S<   Apr29   0:00 [scsi_eh_0]
root       394  0.0  0.0      0     0 ?        S<   Apr29   0:00 [scsi_eh_1]
root       395  0.0  0.0      0     0 ?        S<   Apr29   0:01 [kjournald]
root       421  0.0  0.0      0     0 ?        S<   Apr29   0:00 [kauditd]
root       453  0.0  0.1   2224   656 ?        S<s  Apr29   0:00 /sbin/udevd -d
root      1180  0.2  0.5   9000  2724 ?        Ss   15:21   0:00 sshd: root@pts/
root      1184  0.1  0.2   4748  1384 pts/0    Ss   15:21   0:00 -bash
root      1212  0.7  0.4   7780  2524 ?        Ss   15:21   0:00 sshd: unknown [
sshd      1213  0.0  0.2   7492  1300 ?        S    15:21   0:00 sshd: unknown [
root      1214  1.0  0.4   7780  2524 ?        Ss   15:21   0:00 sshd: unknown [
sshd      1215  0.0  0.2   7492  1300 ?        S    15:21   0:00 sshd: unknown [
root      1216  0.0  0.1   4432   884 pts/0    R+   15:21   0:00 ps aux
root      1352  0.0  0.0      0     0 ?        S<   Apr29   0:00 [hda_codec]
root      1486  0.0  0.0      0     0 ?        S<   Apr29   0:00 [kmpathd/0]
root      1487  0.0  0.0      0     0 ?        S<   Apr29   0:00 [kmpathd/1]
root      1519  0.0  0.0      0     0 ?        S<   Apr29   0:06 [kjournald]
root      1521  0.0  0.0      0     0 ?        S<   Apr29   0:00 [kjournald]
root      1523  0.0  0.0      0     0 ?        S<   Apr29   0:00 [kjournald]
root      1805  0.0  0.0      0     0 ?        S<   Apr29   0:00 [kondemand/0]
root      1806  0.0  0.0      0     0 ?        S<   Apr29   0:00 [kondemand/1]
root      2169  0.0  0.1  13084   668 ?        S<sl Apr29   0:00 auditd
root      2171  0.0  0.7  10096  3932 ?        S<s  Apr29   0:00 python /sbin/au
root      2197  0.0  0.1   1704   588 ?        Ss   Apr29   0:01 syslogd -m 0
root      2201  0.0  0.0   1652   396 ?        Ss   Apr29   0:00 klogd -x
named     2249  0.0  0.6  48244  3148 ?        Ssl  Apr29   0:00 /usr/sbin/named
rpc       2275  0.0  0.1   1788   548 ?        Ss   Apr29   0:00 portmap
root      2298  0.0  0.1   1804   728 ?        Ss   Apr29   0:00 rpc.statd
root      2305  0.0  0.0   1644   316 ?        S    Apr29   0:00 /usr/sbin/couri
root      2306  0.0  0.1   2140   696 ?        S    Apr29   0:00 /usr/libexec/co
root      2337  0.0  0.1   2192   784 ?        S    Apr29   0:00 /usr/libexec/co
root      2338  0.0  0.1   2192   784 ?        S    Apr29   0:00 /usr/libexec/co
root      2339  0.0  0.1   2192   784 ?        S    Apr29   0:00 /usr/libexec/co
root      2340  0.0  0.1   2192   784 ?        S    Apr29   0:00 /usr/libexec/co
root      2341  0.0  0.1   2192   784 ?        S    Apr29   0:00 /usr/libexec/co
root      2351  0.0  0.1   5400   588 ?        Ss   Apr29   0:00 rpc.idmapd
dbus      2374  0.0  0.1   2724   748 ?        Ss   Apr29   0:00 dbus-daemon --s
root      2387  0.0  0.1   2128   760 ?        Ss   Apr29   0:00 /usr/sbin/hcid
root      2393  0.0  0.0   1720   500 ?        Ss   Apr29   0:00 /usr/sbin/sdpd
root      2416  0.0  0.0      0     0 ?        S<   Apr29   0:00 [krfcommd]
root      2461  0.0  0.2  12700  1280 ?        Ssl  Apr29   0:00 pcscd
root      2483  0.0  0.0   1892   436 ?        Ss   Apr29   0:00 /usr/bin/hidd -
root      2501  0.0  0.2   9356  1128 ?        Ssl  Apr29   0:00 automount
root      2522  0.0  0.1   1652   536 ?        Ss   Apr29   0:00 /usr/sbin/acpid
root      2538  0.0  0.2   6152  1040 ?        Ss   Apr29   0:01 /usr/sbin/sshd
root      2551  0.0  0.3   9912  1964 ?        Ss   Apr29   0:00 cupsd
root      2578  0.0  1.9  88932 10040 ?        Sl   Apr29   0:10 python MatrixSA
root      2641  0.0  0.3   6704  1748 ?        Ss   Apr29   0:00 /usr/libexec/po
root      2654  0.0  0.0   1884   368 ?        Ss   Apr29   0:00 gpm -m /dev/inp
postfix   2657  0.0  0.3   6824  1864 ?        S    Apr29   0:00 qmgr -l -t fifo
root      2670  0.0  2.1  28176 10864 ?        Ss   Apr29   0:00 /usr/sbin/httpd
root      2683  0.0  0.3   6256  1692 ?        Ss   Apr29   0:00 /usr/sbin/httpd
apache    2684  0.0  0.3   6256  1572 ?        S    Apr29   0:00 /usr/sbin/httpd
apache    2685  0.0  0.3   6384  1592 ?        S    Apr29   0:00 /usr/sbin/httpd
root      2701  0.0  0.0   4436   476 ?        Ss   Apr29   0:00 pure-ftpd (SERV
root      2714  0.0  0.2   5468  1108 ?        Ss   Apr29   0:00 crond
xfs       2737  0.0  0.2   3140  1036 ?        Ss   Apr29   0:00 xfs -droppriv -
apache    2760  0.0  2.7  32348 14000 ?        S    Apr29   2:18 /usr/sbin/httpd
apache    2761  0.0  2.6  32528 13656 ?        R    Apr29   2:19 /usr/sbin/httpd
apache    2762  0.0  2.7  32556 14012 ?        S    Apr29   2:16 /usr/sbin/httpd
apache    2764  0.0  2.6  32392 13456 ?        S    Apr29   2:15 /usr/sbin/httpd
apache    2765  0.0  2.7  32704 14084 ?        S    Apr29   2:15 /usr/sbin/httpd
apache    2767  0.0  2.8  32952 14400 ?        S    Apr29   2:20 /usr/sbin/httpd
apache    2768  0.0  2.6  32544 13596 ?        S    Apr29   2:16 /usr/sbin/httpd
root      2769  0.0  0.0   2216   416 ?        Ss   Apr29   0:00 /usr/sbin/atd
apache    2770  0.0  2.8  32648 14296 ?        S    Apr29   2:17 /usr/sbin/httpd
avahi     2784  0.0  0.2   2552  1380 ?        Ss   Apr29   0:00 avahi-daemon: r
avahi     2785  0.0  0.0   2552   428 ?        Ss   Apr29   0:00 avahi-daemon: c
68        2798  0.0  0.7   5420  3660 ?        Ss   Apr29   0:00 hald
root      2799  0.0  0.1   3116   976 ?        S    Apr29   0:00 hald-runner
68        2806  0.0  0.1   1972   784 ?        S    Apr29   0:00 hald-addon-acpi
root      2807  0.0  0.1   3172   940 ?        S    Apr29   0:00 /usr/libexec/ha
68        2812  0.0  0.1   1972   776 ?        S    Apr29   0:00 hald-addon-keyb
68        2818  0.0  0.1   1976   780 ?        S    Apr29   0:00 hald-addon-keyb
ntp       2874  0.0  0.8   4316  4316 ?        SLs  Apr29   0:00 ntpd -u ntp:ntp
root      2944  0.0  0.0   1640   436 tty1     Ss+  Apr29   0:00 /sbin/mingetty
root      2945  0.0  0.0   1636   432 tty2     Ss+  Apr29   0:00 /sbin/mingetty
root      2946  0.0  0.0   1636   456 tty3     Ss+  Apr29   0:00 /sbin/mingetty
root      2947  0.0  0.0   1636   432 tty4     Ss+  Apr29   0:00 /sbin/mingetty
root      2949  0.0  0.0   1640   436 tty5     Ss+  Apr29   0:00 /sbin/mingetty
root      2952  0.0  0.0   1636   432 tty6     Ss+  Apr29   0:00 /sbin/mingetty
apache    3132  0.0  0.2   6256  1432 ?        S    Apr29   0:00 /usr/sbin/httpd
apache    3137  0.0  0.2   6256  1436 ?        S    Apr29   0:00 /usr/sbin/httpd
apache    3138  0.0  0.2   6256  1432 ?        S    Apr29   0:00 /usr/sbin/httpd
apache    3897  0.0  2.6  32568 13624 ?        S    Apr29   2:12 /usr/sbin/httpd
apache    3898  0.0  2.6  32516 13528 ?        S    Apr29   2:14 /usr/sbin/httpd
apache    4523  0.0  2.7  32672 14036 ?        S    Apr29   2:09 /usr/sbin/httpd
apache    4528  0.0  2.7  32192 13836 ?        S    Apr29   2:07 /usr/sbin/httpd
apache    4536  0.0  2.6  32200 13496 ?        S    Apr29   2:05 /usr/sbin/httpd
apache    4553  0.0  2.7  32840 13808 ?        S    Apr29   2:05 /usr/sbin/httpd
apache    4596  0.0  2.8  32980 14396 ?        S    Apr29   2:11 /usr/sbin/httpd
postfix  30035  0.0  0.3   6772  1724 ?        S    14:14   0:00 pickup -l -t fi
[root@localhost ~]#
and ls -l /etc/init.d/ is:
Code:
[root@localhost ~]# ls -l /etc/init.d/
total 668
-rwxr-xr-x 1 root root  1128 Jan  6  2007 acpid
-rwxr-xr-x 1 root root  1441 Mar 28  2007 anacron
-rwxr-xr-x 1 root root  1429 Mar 14  2007 apmd
-rwxr-xr-x 1 root root  1176 Jan  6  2007 atd
-rwxr-xr-x 1 root root  2796 Nov 10 17:15 auditd
-rwxr-xr-x 1 root root  2461 Feb  9 10:17 autofs
-rwxr-xr-x 1 root root  1848 Mar 14  2007 avahi-daemon
-rwxr-xr-x 1 root root  1789 Mar 14  2007 avahi-dnsconfd
-rwxr-xr-x 1 root root  1477 Mar 28  2007 bluetooth
-rwxr-xr-x 1 root root  1470 Nov 11 17:04 conman
-rwxr-xr-x 1 bin  bin   4796 Jun 28  2007 courier
-r-xr-xr-x 1 root root   893 Jun  7  2007 courier-authlib
-rwxr-xr-x 1 root root  7328 Nov 10 14:42 cpuspeed
-rwxr-xr-x 1 root root  1904 Nov 10 15:17 crond
-rwxr-xr-x 1 root root  1942 Apr  2 10:20 cups
-rwxr-xr-x 1 root root  1505 Jan  6  2007 dc_client
-rwxr-xr-x 1 root root  1347 Jan  6  2007 dc_server
-rwxr-xr-x 1 root root  2785 Mar 14  2007 dhcdbd
-rwxr-xr-x 1 root root  5338 Apr 18 12:59 dkms_autoinstaller
-rwxr-xr-x 1 root root   996 Mar 28  2007 dund
-rwxr-xr-x 1 root root  1965 Nov 10 16:52 firstboot
-rwxr-xr-x 1 root root 13913 Oct 26  2006 functions
-rwxr-xr-x 1 root root  1778 Jan  6  2007 gpm
-rwxr-xr-x 1 root root  1486 Nov 29 23:30 haldaemon
-rwxr-xr-x 1 root root  5766 Jun 22  2007 halt
-rwxr-xr-x 1 root root   966 Mar 28  2007 hidd
-rwxr-xr-x 1 root root  3200 Jan 16 14:31 httpd
-rwxr-xr-x 1 root root  1927 Jun  6  2007 httpd-matrixsa
-rwxr-xr-x 1 root root  1861 Mar 14  2007 ibmasm
-rwxr-xr-x 1 root root  7543 Jan  6  2007 ip6tables
-rwxr-xr-x 1 root root  7460 Jan  6  2007 iptables
-rwxr-xr-x 1 root root  1624 Jan  7  2007 irda
-rwxr-xr-x 1 root root  2120 Nov 10 13:41 irqbalance
-rwxr-xr-x 1 root root   652 Sep  4  2003 killall
-rwxr-xr-x 1 root root  1389 Feb 25  2005 krb524
-rwxr-xr-x 1 root root  1406 Nov 10 16:16 kudzu
-rwxr-xr-x 1 root root  2111 Nov 10 18:50 lvm2-monitor
-rwxr-xr-x 1 root root  2450 Jan 15 13:54 matrixsa
-rwxr-xr-x 1 root root  1871 Dec 19 00:03 mcstrans
-rwxr-xr-x 1 root root  1408 Mar 14  2007 mdmonitor
-rwxr-xr-x 1 root root  1613 Mar 14  2007 mdmpd
-rwxr-xr-x 1 root root  1819 Mar  3 13:44 messagebus
-rwxr-xr-x 1 root root  1926 Nov 10 15:51 microcode_ctl
-rwxr-xr-x 1 root root  1193 Mar 11 18:33 multipathd
-rwxr-xr-x 1 root root  4582 Dec 19 01:07 mysqld
-rwxr-xr-- 1 root root  8643 Nov 10 15:22 named
-rwxr-xr-x 1 root root  2985 Aug  7  2007 netconsole
-rwxr-xr-x 1 root root  5675 Aug  1  2006 netfs
-rwxr-xr-x 1 root root  1289 Jan  7  2007 netplugd
-rwxr-xr-x 1 root root  7992 Jun 22  2007 network
-rwxr-xr-x 1 root root  1598 Mar 14  2007 NetworkManager
-rwxr-xr-x 1 root root  1480 Mar 14  2007 NetworkManagerDispatcher
-rwxr-xr-x 1 root root  4589 Nov 12 06:37 nfs
-rwxr-xr-x 1 root root  3266 Nov 12 06:37 nfslock
-rwxr-xr-x 1 root root  2517 Nov 30 02:22 nscd
-rwxr-xr-x 1 root root  3361 Nov 10 12:34 ntpd
-rwxr-xr-x 1 root root  1790 Jan  6  2007 oddjobd
-rwxr-xr-x 1 root root  1203 Mar 28  2007 pand
-rwxr-xr-x 1 root root  1525 Jan  6  2007 pcscd
-rwxr-xr-x 1 root root  1877 Jan  6  2007 portmap
-rwxr-xr-x 1 root root  2404 Jan 21  2007 postfix
-rwxr-xr-x 1 root root  1021 Jan  6  2007 psacct
-rwxr-xr-x 1 root root  1323 Dec 18  2001 pure-ftpd
-rwxr-xr-x 1 root root  1387 Mar 14  2007 rdisc
-rwxr-xr-x 1 root root   931 Mar 14  2007 readahead_early
-rwxr-xr-x 1 root root   930 Mar 14  2007 readahead_later
-rwxr-xr-x 1 root root  1793 Nov 10 14:46 restorecond
-rwxr-xr-x 1 root root  2415 Nov 12 06:37 rpcgssd
-rwxr-xr-x 1 root root  2040 Nov 12 06:37 rpcidmapd
-rwxr-xr-x 1 root root  2420 Nov 12 06:37 rpcsvcgssd
-rwxr-xr-x 1 root root  1547 Jan  7  2007 saslauthd
-rwxr-xr-x 1 root root   647 Jul 20  2006 single
-rwxr-xr-x 1 root root  2525 Mar 15  2007 smartd
-rwxr-xr-x 1 root root  3283 Apr 18 01:56 squid
-rwxr-xr-x 1 root root  3340 Nov 10 13:58 sshd
-rwxr-xr-x 1 root root  2012 Nov 10 12:49 syslog
-rwxr-xr-x 1 root root  2796 Jan  7  2007 tux
-rwxr-xr-x 1 root root  1650 Jan  7  2007 wpa_supplicant
-rwxr-xr-x 1 root root  3902 Jul 12  2007 xfs
-rwxr-xr-x 1 root root  3465 Nov 10 14:30 ypbind
-rwxr-xr-x 1 root root  1098 Nov 10 17:14 yum-updatesd
[root@localhost ~]#
  #8  
Old 3rd May 2008, 20:51
falko falko is offline

What's in /etc/init.d/iptables?
  #9  
Old 6th May 2008, 11:14
thehappyappy thehappyappy is offline

That's

Code:
#!/bin/sh
#
# iptables      Start iptables firewall
#
# chkconfig: 2345 08 92
# description:  Starts, stops and saves iptables firewall
#
# config: /etc/sysconfig/iptables
# config: /etc/sysconfig/iptables-config

# Source function library.
. /etc/init.d/functions

IPTABLES=iptables
IPTABLES_DATA=/etc/sysconfig/$IPTABLES
IPTABLES_CONFIG=/etc/sysconfig/${IPTABLES}-config
IPV=${IPTABLES%tables} # ip for ipv4 | ip6 for ipv6
PROC_IPTABLES_NAMES=/proc/net/${IPV}_tables_names
VAR_SUBSYS_IPTABLES=/var/lock/subsys/$IPTABLES

if [ ! -x /sbin/$IPTABLES ]; then
    echo -n $"/sbin/$IPTABLES does not exist."; warning; echo
    exit 0
fi

if lsmod 2>/dev/null | grep -q ipchains ; then
    echo -n $"ipchains and $IPTABLES can not be used together."; warning; echo
    exit 0
fi

# Old or new modutils
/sbin/modprobe --version 2>&1 | grep -q module-init-tools \
    && NEW_MODUTILS=1 \
    || NEW_MODUTILS=0

# Default firewall configuration:
IPTABLES_MODULES=""
IPTABLES_MODULES_UNLOAD="yes"
IPTABLES_SAVE_ON_STOP="no"
IPTABLES_SAVE_ON_RESTART="no"
IPTABLES_SAVE_COUNTER="no"
IPTABLES_STATUS_NUMERIC="yes"

# Load firewall configuration.
[ -f "$IPTABLES_CONFIG" ] && . "$IPTABLES_CONFIG"

rmmod_r() {
    # Unload module with all referring modules.
    # At first all referring modules will be unloaded, then the module itself.
    local mod=$1
    local ret=0
    local ref=

    # Get referring modules.
    # New modutils have another output format.
    [ $NEW_MODUTILS = 1 ] \
        && ref=`lsmod | awk "/^${mod}/ { print \\\$4; }" | tr ',' ' '` \
        || ref=`lsmod | grep ^${mod} | cut -d "[" -s -f 2 | cut -d "]" -s -f 1`

    # recursive call for all referring modules
    for i in $ref; do
        rmmod_r $i
        let ret+=$?;
    done

    # Unload module.
    # The extra test is for 2.6: The module might have autocleaned,
    # after all referring modules are unloaded.
    if grep -q "^${mod}" /proc/modules ; then
        modprobe -r $mod > /dev/null 2>&1
        let ret+=$?;
    fi

    return $ret
}

flush_n_delete() {
    # Flush firewall rules and delete chains.
    [ -e "$PROC_IPTABLES_NAMES" ] || return 1

    # Check if firewall is configured (has tables)
    tables=`cat $PROC_IPTABLES_NAMES 2>/dev/null`
    [ -z "$tables" ] && return 1

    echo -n $"Flushing firewall rules: "
    ret=0
    # For all tables
    for i in $tables; do
        # Flush firewall rules.
        $IPTABLES -t $i -F;
        let ret+=$?;

        # Delete firewall chains.
        $IPTABLES -t $i -X;
        let ret+=$?;

        # Set counter to zero.
        $IPTABLES -t $i -Z;
        let ret+=$?;
    done

    [ $ret -eq 0 ] && success || failure
    echo
    return $ret
}

set_policy() {
    # Set policy for configured tables.
    policy=$1

    # Check if iptable module is loaded
    [ ! -e "$PROC_IPTABLES_NAMES" ] && return 1

    # Check if firewall is configured (has tables)
    tables=`cat $PROC_IPTABLES_NAMES 2>/dev/null`
    [ -z "$tables" ] && return 1

    echo -n $"Setting chains to policy $policy: "
    ret=0
    for i in $tables; do
        echo -n "$i "
        case "$i" in
            raw)
                $IPTABLES -t raw -P PREROUTING $policy \
                    && $IPTABLES -t raw -P OUTPUT $policy \
                    || let ret+=1
                ;;
            filter)
                $IPTABLES -t filter -P INPUT $policy \
                    && $IPTABLES -t filter -P OUTPUT $policy \
                    && $IPTABLES -t filter -P FORWARD $policy \
                    || let ret+=1
                ;;
            nat)
                $IPTABLES -t nat -P PREROUTING $policy \
                    && $IPTABLES -t nat -P POSTROUTING $policy \
                    && $IPTABLES -t nat -P OUTPUT $policy \
                    || let ret+=1
                ;;
            mangle)
                $IPTABLES -t mangle -P PREROUTING $policy \
                    && $IPTABLES -t mangle -P POSTROUTING $policy \
                    && $IPTABLES -t mangle -P INPUT $policy \
                    && $IPTABLES -t mangle -P OUTPUT $policy \
                    && $IPTABLES -t mangle -P FORWARD $policy \
                    || let ret+=1
                ;;
            *)
                let ret+=1
                ;;
        esac
    done

    [ $ret -eq 0 ] && success || failure
    echo
    return $ret
}

start() {
    # Do not start if there is no config file.
    [ -f "$IPTABLES_DATA" ] || return 1

    echo -n $"Applying $IPTABLES firewall rules: "

    OPT=
    [ "x$IPTABLES_SAVE_COUNTER" = "xyes" ] && OPT="-c"

    $IPTABLES-restore $OPT $IPTABLES_DATA
    if [ $? -eq 0 ]; then
        success; echo
    else
        failure; echo; return 1
    fi

    # Load additional modules (helpers)
    if [ -n "$IPTABLES_MODULES" ]; then
        echo -n $"Loading additional $IPTABLES modules: "
        ret=0
        for mod in $IPTABLES_MODULES; do
            echo -n "$mod "
            modprobe $mod > /dev/null 2>&1
            let ret+=$?;
        done
        [ $ret -eq 0 ] && success || failure
        echo
    fi
    touch $VAR_SUBSYS_IPTABLES
    return $ret
}

stop() {
    # Do not stop if iptables module is not loaded.
    [ -e "$PROC_IPTABLES_NAMES" ] || return 1

    flush_n_delete
    set_policy ACCEPT

    if [ "x$IPTABLES_MODULES_UNLOAD" = "xyes" ]; then
        echo -n $"Unloading $IPTABLES modules: "
        ret=0
        rmmod_r ${IPV}_tables
        let ret+=$?;
        rmmod_r ${IPV}_conntrack
        let ret+=$?;
        [ $ret -eq 0 ] && success || failure
        echo
    fi

    rm -f $VAR_SUBSYS_IPTABLES
    return $ret
}

save() {
    # Check if iptable module is loaded
    [ ! -e "$PROC_IPTABLES_NAMES" ] && return 1

    # Check if firewall is configured (has tables)
    tables=`cat $PROC_IPTABLES_NAMES 2>/dev/null`
    [ -z "$tables" ] && return 1

    echo -n $"Saving firewall rules to $IPTABLES_DATA: "

    OPT=
    [ "x$IPTABLES_SAVE_COUNTER" = "xyes" ] && OPT="-c"

    ret=0
    TMP_FILE=`/bin/mktemp -q /tmp/$IPTABLES.XXXXXX` \
        && chmod 600 "$TMP_FILE" \
        && $IPTABLES-save $OPT > $TMP_FILE 2>/dev/null \
        && size=`stat -c '%s' $TMP_FILE` && [ $size -gt 0 ] \
        || ret=1
    if [ $ret -eq 0 ]; then
        if [ -e $IPTABLES_DATA ]; then
            cp -f $IPTABLES_DATA $IPTABLES_DATA.save \
                && chmod 600 $IPTABLES_DATA.save \
                || ret=1
        fi
        if [ $ret -eq 0 ]; then
            cp -f $TMP_FILE $IPTABLES_DATA \
                && chmod 600 $IPTABLES_DATA \
                || ret=1
        fi
    fi
    [ $ret -eq 0 ] && success || failure
    echo
    rm -f $TMP_FILE
    return $ret
}

status() {
    tables=`cat $PROC_IPTABLES_NAMES 2>/dev/null`

    # Do not print status if lockfile is missing and iptables modules are not
    # loaded.
    # Check if iptable module is loaded
    if [ ! -f "$VAR_SUBSYS_IPTABLES" -a -z "$tables" ]; then
        echo $"Firewall is stopped."
        return 1
    fi

    # Check if firewall is configured (has tables)
    if [ ! -e "$PROC_IPTABLES_NAMES" ]; then
        echo $"Firewall is not configured. "
        return 1
    fi
    if [ -z "$tables" ]; then
        echo $"Firewall is not configured. "
        return 1
    fi

    NUM=
    [ "x$IPTABLES_STATUS_NUMERIC" = "xyes" ] && NUM="-n"
    VERBOSE=
    [ "x$IPTABLES_STATUS_VERBOSE" = "xyes" ] && VERBOSE="--verbose"
    COUNT=
    [ "x$IPTABLES_STATUS_LINENUMBERS" = "xyes" ] && COUNT="--line-numbers"

    for table in $tables; do
        echo $"Table: $table"
        $IPTABLES -t $table --list $NUM $VERBOSE $COUNT && echo
    done

    return 0
}

restart() {
    [ "x$IPTABLES_SAVE_ON_RESTART" = "xyes" ] && save
    stop
    start
}

case "$1" in
    start)
        stop
        start
        RETVAL=$?
        ;;
    stop)
        [ "x$IPTABLES_SAVE_ON_STOP" = "xyes" ] && save
        stop
        RETVAL=$?
        ;;
    restart)
        restart
        RETVAL=$?
        ;;
    condrestart)
        [ -e "$VAR_SUBSYS_IPTABLES" ] && restart
        ;;

    status)
        status
        RETVAL=$?
        ;;
    panic)
        flush_n_delete
        set_policy DROP
        RETVAL=$?
        ;;
    save)
        save
        RETVAL=$?
        ;;
    *)
        echo $"Usage: $0 {start|stop|restart|condrestart|status|panic|save}"
        exit 1
        ;;
esac

exit $RETVAL
Thanks
  #10  
Old 7th May 2008, 16:58
falko falko is offline

Ok, the init script reads from /etc/sysconfig/iptables and /etc/sysconfig/iptables-config, so I guess the firewall configuration is in one of these two files. Can you post their contents here?
All times are GMT +2.