Wednesday, July 29, 2009

Opening an iptables firewall port on RHEL 5

I started a new service on a host running RHEL 5.1 and discovered that I could not reach its port from a remote machine: the firewall was not letting me in.

The error I got was somewhat misleading:

telnet [my host] 12345
Trying [ip address]...
telnet: Unable to connect to remote host: No route to host

However, the same command run on the host itself worked, so I knew it was a firewall problem, not a routing one. The message is a side effect of how the stock RHEL 5 firewall says no: its last rule is REJECT --reject-with icmp-host-prohibited, and the ICMP host-prohibited reply is reported by telnet as "No route to host". A DROP rule would have produced a timeout instead.

The firewall is iptables, and this tutorial saved my day. I just ran iptables -L (as root; adding -n skips slow reverse DNS lookups) to show the current rules, and verified there were a few open ports (not including mine) and a final catch-all rule rejecting every other incoming connection. So I ran

iptables -I INPUT -p tcp --dport 12345 -j ACCEPT

and that's it... the port is now open. The -I matters: it inserts the rule at the top of the INPUT chain, ahead of the jump into the RH-Firewall-1-INPUT chain and its catch-all reject. With -A the rule would be appended after the reject and never be reached.

That's good for testing, but the rule lives only in the kernel and is gone after a reboot or an iptables restart. To make it persistent, edit /etc/sysconfig/iptables and add a line like this, placed above the chain's final REJECT rule (the file is applied top to bottom, so a line below the REJECT would never match):

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 12345 -j ACCEPT

and run /sbin/service iptables restart. The restart flushes the rule inserted by hand and reloads everything from the file, so the running firewall and the saved configuration agree again. (Alternatively, /sbin/service iptables save writes the current in-kernel rules, test rule included, back to the file.)
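The whole procedure as one script: validate the port, insert the runtime rule with -I, add the persistent line above the REJECT rule, and restart the service. This is an added example, not code from the original post. It assumes the stock RHEL 5 chain name RH-Firewall-1-INPUT and config path /etc/sysconfig/iptables; the sample config it can write is constructed to mirror the default RHEL 5 file so the editing function can be exercised without touching the real one.

```shell
#!/bin/bash
# Added example (not from the original post): open a TCP port on a RHEL 5
# iptables firewall, first at runtime and then persistently in
# /etc/sysconfig/iptables. Chain and file names are the RHEL 5 defaults
# (assumed here); the port number is whatever the new service listens on.

# Accept only a valid TCP port number (1-65535).
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Runtime change: -I inserts at position 1 of INPUT, ahead of the jump to
# RH-Firewall-1-INPUT and its final REJECT. -A would append after that jump,
# so the new rule would never be evaluated.
open_port_now() {
    valid_port "$1" || return 2
    iptables -I INPUT -p tcp --dport "$1" -j ACCEPT
}

# Persistent change: insert the ACCEPT line directly above the chain's REJECT
# rule in the config file, because the file is applied top to bottom.
# Idempotent: an identical rule already present is left alone.
add_persistent_rule() {
    local cfg="$1" port="$2" rule tmp
    valid_port "$port" || return 2
    rule="-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport ${port} -j ACCEPT"
    grep -qxF -- "$rule" "$cfg" && return 0
    tmp="${cfg}.tmp.$$"
    if awk -v rule="$rule" '
            !done && /^-A RH-Firewall-1-INPUT .*-j REJECT/ { print rule; done = 1 }
            { print }
            END { if (!done) exit 1 }   # no REJECT rule: refuse to guess a position
        ' "$cfg" > "$tmp"; then
        mv "$tmp" "$cfg"
    else
        rm -f "$tmp"
        return 1
    fi
}

# Constructed sample of the stock RHEL 5 /etc/sysconfig/iptables, written to
# the path in $1 so add_persistent_rule can be tried on a scratch copy.
write_sample_config() {
    cat > "$1" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# Usage (as root): ./open_port.sh 12345
# Opens the port immediately, records it in the config file, then restarts the
# service so the running rules match the file exactly.
main() {
    open_port_now "$1" || { echo "bad port or iptables failure: $1" >&2; exit 2; }
    add_persistent_rule /etc/sysconfig/iptables "$1" || { echo "could not edit config" >&2; exit 1; }
    /sbin/service iptables restart
}
[ $# -eq 0 ] || main "$@"
```

Run it with the port as the only argument. The config editor refuses to act when it cannot find the chain's REJECT rule rather than appending blindly, since an ACCEPT appended after the REJECT would silently do nothing, which is exactly the mistake the restart would then hide.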
