#1  
Old 10th November 2012, 07:25
rbartz rbartz is offline
Member
 
Join Date: Apr 2006
Posts: 80
Thanks: 9
Thanked 6 Times in 5 Posts
Default Firewall Not Opening Ports

I am having a problem opening ports 1935 and 5080 for media streaming.

I used The Perfect Server - CentOS 6.3 x86_64 setup, and after a few blips all the normal stuff is running right. (Found out again that phpMyAdmin is not the same as phpmyadmin!)

Anyway, after setting ispconfig3 to open those two ports, I get this with iptables -L -n
================================================== =
Chain INPUT (policy DROP)
target prot opt source destination
DROP tcp -- 0.0.0.0/0 127.0.0.0/8
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
DROP all -- 224.0.0.0/4 0.0.0.0/0
PUB_IN all -- 0.0.0.0/0 0.0.0.0/0
PUB_IN all -- 0.0.0.0/0 0.0.0.0/0
PUB_IN all -- 0.0.0.0/0 0.0.0.0/0
PUB_IN all -- 0.0.0.0/0 0.0.0.0/0
PUB_IN all -- 0.0.0.0/0 0.0.0.0/0
DROP all -- 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
DROP all -- 0.0.0.0/0 0.0.0.0/0

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
PUB_OUT all -- 0.0.0.0/0 0.0.0.0/0
PUB_OUT all -- 0.0.0.0/0 0.0.0.0/0
PUB_OUT all -- 0.0.0.0/0 0.0.0.0/0
PUB_OUT all -- 0.0.0.0/0 0.0.0.0/0
PUB_OUT all -- 0.0.0.0/0 0.0.0.0/0

Chain INT_IN (0 references)
target prot opt source destination
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
DROP all -- 0.0.0.0/0 0.0.0.0/0

Chain INT_OUT (0 references)
target prot opt source destination
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0

Chain PAROLE (19 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0

Chain PUB_IN (5 references)
target prot opt source destination
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 11
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:20
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:21
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:81
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:110
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:143
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:993
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:995
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:1935
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:3306
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5080
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8080
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8081
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:10000
PAROLE tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:10001
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:3306
DROP icmp -- 0.0.0.0/0 0.0.0.0/0
DROP all -- 0.0.0.0/0 0.0.0.0/0

Chain PUB_OUT (5 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0

Chain fail2ban-Dovecot (0 references)
target prot opt source destination

Chain fail2ban-SMTP (0 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0

Chain fail2ban-SSH (0 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0
===============================================
Looks like the ports are set right there.

However, with Nmap I get this:
==================================================
#nmap -sS 127.0.0.1

Starting Nmap 5.51 ( http://nmap.org ) at 2012-11-09 16:19 MST
Nmap scan report for 69-64-65-69.phx.dedicated.codero.com (127.0.0.1)
Host is up (0.0000050s latency).
Not shown: 983 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
25/tcp open smtp
53/tcp open domain
80/tcp open http
110/tcp open pop3
111/tcp open rpcbind
143/tcp open imap
443/tcp open https
631/tcp open ipp
993/tcp open imaps
995/tcp open pop3s
3306/tcp open mysql
8080/tcp open http-proxy
8081/tcp open blackice-icecap
10001/tcp open scp-config
10025/tcp open unknown

Nmap done: 1 IP address (1 host up) scanned in 0.08 seconds
==================================================
telnet localhost 5080 says connection refused. The ports are not open...

Any ideas? Thanks!

Richard
Reply With Quote
Sponsored Links
  #2  
Old 10th November 2012, 13:11
rbartz rbartz is offline
Member
 
Join Date: Apr 2006
Posts: 80
Thanks: 9
Thanked 6 Times in 5 Posts
 
Default Found The Problem

After thinking about this a bit, I realized Nmap will not show a port open unless something is there to answer.......

The problem was with the red5 server script, the base directory was not right so it was creating the pid file but not actually starting from the /etc/init.d/red5 script.

Fixed the script and all was good.

Sorry to bother you guys!

Richard
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Ports blocked despite firewall off in groupware setup avamk Server Operation 0 1st July 2011 03:51
what ports need to be open for gateway firewall zogthegreat Installation/Configuration 2 20th May 2010 19:47
Implement single firewall login for access to all ports on LAN? ripwit Installation/Configuration 1 29th August 2007 06:03
Firewall won't open or close ports Scarecrow Installation/Configuration 1 14th February 2006 09:05
Problem opening firewall port weedguy General 15 12th August 2005 01:05


All times are GMT +2. The time now is 09:03.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.