Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > General

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 12th April 2013, 17:09
onastvar onastvar is offline
Senior Member
 
Join Date: Apr 2008
Location: U.S.A.
Posts: 188
Thanks: 59
Thanked 10 Times in 10 Posts
Question Looking to open up a port on my server

I'm looking to open up a port 5566 on my server. I've added 5566 to SYSTEM > FIREWALL.
My router doesn't block any ports.

This site http://www.yougetsignal.com/tools/open-ports/
shows Port 5566 is closed on 123.123.123.123.

IP Tables

Code:
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:5566
ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain
ACCEPT     udp  --  anywhere             anywhere            udp dpt:mysql
ACCEPT     udp  --  anywhere             anywhere            udp dpt:5566
DROP       icmp --  anywhere             anywhere
DROP       all  --  anywhere             anywhere
When I attempted to telnet from my workstation to ip address 123.123.123.123:5566 it failed and was trying to open port 23.

I need to make sure that port 5566, which is what the API uses to connect the web pages to the database is allowed through the firewall.

Does anyone know how I can troubleshoot this?
Attached Images
 
__________________
ISPConfig 3.0.5.4p1 | Debian Wheezy | BIND | Dovecot 1.2.15 | Apache 2.2.16 | MySQL 5.5 | PHP 5.4.4-14

Last edited by onastvar; 12th April 2013 at 17:24.
Reply With Quote
Sponsored Links
  #2  
Old 13th April 2013, 04:41
markc markc is offline
Member
 
Join Date: Dec 2012
Posts: 56
Thanks: 6
Thanked 9 Times in 9 Posts
Default

Perhaps try telnet 123.123.123.123 5566 (no colon).
Reply With Quote
  #3  
Old 13th April 2013, 06:22
onastvar onastvar is offline
Senior Member
 
Join Date: Apr 2008
Location: U.S.A.
Posts: 188
Thanks: 59
Thanked 10 Times in 10 Posts
Default

still no luck

Code:
telnet 123.123.123.123 5566
Connecting To 123.123.123.123..Could not open connection to the host, 
on port 5566: Connect failed
__________________
ISPConfig 3.0.5.4p1 | Debian Wheezy | BIND | Dovecot 1.2.15 | Apache 2.2.16 | MySQL 5.5 | PHP 5.4.4-14
Reply With Quote
  #4  
Old 13th April 2013, 09:15
markc markc is offline
Member
 
Join Date: Dec 2012
Posts: 56
Thanks: 6
Thanked 9 Times in 9 Posts
Default

You've got pings disabled so maybe remove this rule until you have everything working...

DROP icmp -- anywhere anywhere

Then install nmap and nmap 123.123.123.123 and that will show you all the ports open on this IP.
Reply With Quote
  #5  
Old 13th April 2013, 17:47
onastvar onastvar is offline
Senior Member
 
Join Date: Apr 2008
Location: U.S.A.
Posts: 188
Thanks: 59
Thanked 10 Times in 10 Posts
Default

Thanks Markc! Do you know how do I remove rule:

Code:
DROP icmp -- anywhere anywhere
-su: DROP: command not found
i installed nmap, which shows open ports, 5566 isn't on the list. It looks like change made in SYSTEM > FIREWALL aren't being respected.

Code:
nmap 123.123.123.123

Starting Nmap 5.00 ( http://nmap.org ) at 2013-04-13 10:40 CDT
Interesting ports on server.server1.com (123.123.123.123):
Not shown: 984 closed ports
PORT     STATE SERVICE
21/tcp   open  ftp
22/tcp   open  ssh
25/tcp   open  smtp
53/tcp   open  domain
80/tcp   open  http
110/tcp  open  pop3
111/tcp  open  rpcbind
143/tcp  open  imap
443/tcp  open  https
465/tcp  open  smtps
587/tcp  open  submission
993/tcp  open  imaps
995/tcp  open  pop3s
3306/tcp open  mysql
8080/tcp open  http-proxy
8081/tcp open  blackice-icecap

Nmap done: 1 IP address (1 host up) scanned in 0.17 seconds
__________________
ISPConfig 3.0.5.4p1 | Debian Wheezy | BIND | Dovecot 1.2.15 | Apache 2.2.16 | MySQL 5.5 | PHP 5.4.4-14
Reply With Quote
  #6  
Old 13th April 2013, 18:13
markc markc is offline
Member
 
Join Date: Dec 2012
Posts: 56
Thanks: 6
Thanked 9 Times in 9 Posts
Default

Presuming it's an INPUT rule on 123.123.123.123 then try...

iptables -D INPUT -p icmp -j DROP

and then try and ping 123.123.123.123 from your desktop machine. You can also try netstat -tanup | grep 5566 on your server to see if any daemon is listening to those ports.

Last edited by markc; 13th April 2013 at 18:17.
Reply With Quote
  #7  
Old 13th April 2013, 18:22
onastvar onastvar is offline
Senior Member
 
Join Date: Apr 2008
Location: U.S.A.
Posts: 188
Thanks: 59
Thanked 10 Times in 10 Posts
Default

Thanks Markc. Before I ran

iptables -D INPUT -p icmp -j DROP

will I be able to reverse it and how?
__________________
ISPConfig 3.0.5.4p1 | Debian Wheezy | BIND | Dovecot 1.2.15 | Apache 2.2.16 | MySQL 5.5 | PHP 5.4.4-14
Reply With Quote
  #8  
Old 13th April 2013, 18:35
markc markc is offline
Member
 
Join Date: Dec 2012
Posts: 56
Thanks: 6
Thanked 9 Times in 9 Posts
Default

Yes. It's probably part of your default firewall rules so if you rebooted I am guessing it would come back anyway.

iptables -A INPUT -p icmp -j DROP

This does not have a lot to do with your original problem other than to allow easier testing by pinging your server from external hosts. Also, the ports may be missing from the nmap output simply because whatever server process is supposed to be providing a service for those ports is not actually up and running on your server.

Last edited by markc; 13th April 2013 at 18:39.
Reply With Quote
  #9  
Old 13th April 2013, 18:58
onastvar onastvar is offline
Senior Member
 
Join Date: Apr 2008
Location: U.S.A.
Posts: 188
Thanks: 59
Thanked 10 Times in 10 Posts
Default

I've sent email to tech support of the application I'm installing to check what services or server processes need to run on port 5566.
__________________
ISPConfig 3.0.5.4p1 | Debian Wheezy | BIND | Dovecot 1.2.15 | Apache 2.2.16 | MySQL 5.5 | PHP 5.4.4-14
Reply With Quote
  #10  
Old 15th April 2013, 15:13
onastvar onastvar is offline
Senior Member
 
Join Date: Apr 2008
Location: U.S.A.
Posts: 188
Thanks: 59
Thanked 10 Times in 10 Posts
 
Default

Application is using API service. I'm getting this error

Warning: fsockopen(): unable to connect to ssl://123.123.123.123:5566 (Connection refused) Error => Cannot Open Socket to Server. [Failure]

Anyone know how to fix this?
__________________
ISPConfig 3.0.5.4p1 | Debian Wheezy | BIND | Dovecot 1.2.15 | Apache 2.2.16 | MySQL 5.5 | PHP 5.4.4-14
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Confused abaut Primary and Secondary DNS Servers configuration. cautbur Installation/Configuration 14 14th February 2013 10:27
Local mail server - final touch Alexhor Installation/Configuration 4 12th April 2012 22:33
amavis & ispconfig 3 yalex2000 Installation/Configuration 20 18th February 2010 17:02
Webmail problems with only one domain? compner Installation/Configuration 14 16th February 2010 16:59
Webmail Relay Error palkat General 17 23rd April 2006 18:12


All times are GMT +2. The time now is 12:10.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.