A TCP/IP network connection may be blocked, dropped, open, or filtered. These actions are generally controlled by the iptables firewall the system uses and are independent of any process or program that may be listening on a network port. This post outlines the steps to open a port required by an application. For this post's example, we will be opening the application-specific (Apache) port 55555.
Server details are as below:
# uname -a
Linux geeklab 3.10.0-693.17.1.el7.x86_64 #1 SMP Thu Jan 25 20:13:58 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
# cat /etc/redhat-release
CentOS Linux release 7.4.1708 (Core)
1. Check Port Status
Check that the port is not open and that Apache is not showing that port:
# netstat -na | grep 55555
# lsof -i -P | grep http
httpd 5823 root 4u IPv6 42212 0t0 TCP *:80 (LISTEN)
2. Check Port Status in iptables
Check that iptables is not showing that port open:
# iptables-save | grep 55555
3. Add the port
Add the test port in the /etc/services file and allow the port to accept packets. The test port can be added by editing the /etc/services file in the format below:
# vi /etc/services
service-name port/protocol [aliases ...] [# comment]
# vi /etc/services
testport 55555/tcp # Application Name
4. Open firewall ports
Add a firewall rule to allow the port to accept packets:
# firewall-cmd --zone=public --add-port=55555/tcp --permanent
success
# firewall-cmd --reload
success
# iptables-save | grep 55555
-A IN_public_allow -p tcp -m tcp --dport 55555 -m conntrack --ctstate NEW -j ACCEPT
5. Check newly added port status
After adding the port for httpd and reloading httpd services, notice that httpd is now also listening on the newly added port 55555:
# lsof -i -P | grep http
httpd 6595 root 4u IPv6 43709 0t0 TCP *:80 (LISTEN)
httpd 6595 root 6u IPv6 43713 0t0 TCP *:55555 (LISTEN)
# netstat -na | grep 55555
tcp6 0 0 :::55555 :::* LISTEN
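Steps 1, 2 and 5 compare two separate views of the port: the firewall rules and the listening sockets. The following is an added example, not part of the original post, that combines both views to flag a port that is allowed through the firewall with nothing listening behind it, or listening with no matching rule. The function names and sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example: function names and sample data are constructed for illustration.
# Assumes single-port ACCEPT rules like the one firewalld generated above;
# multiport rules, port ranges and rule ordering are not evaluated.

# fw_allows PORT RULES: succeeds if RULES has a tcp ACCEPT rule for --dport PORT
fw_allows() {
    printf '%s\n' "$2" |
        grep -Eq -- "^-A .*-p tcp .*--dport $1( .*)? -j ACCEPT\$"
}

# is_listening PORT SOCKETS: succeeds if a tcp/tcp6 socket is in LISTEN on PORT
is_listening() {
    printf '%s\n' "$2" | awk -v p="$1" '
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            n = split($4, a, ":")          # port is the last ":"-separated field
            if (a[n] == p) found = 1
        }
        END { exit !found }'
}

# port_state PORT RULES SOCKETS: print one of four states
port_state() {
    fw=0; li=0
    if fw_allows "$1" "$2"; then fw=1; fi
    if is_listening "$1" "$3"; then li=1; fi
    case "$fw$li" in
        11) echo "allowed-and-listening" ;;
        10) echo "allowed-no-listener" ;;      # rule with nothing behind it
        01) echo "listening-but-filtered" ;;   # no matching ACCEPT rule found
        *)  echo "closed" ;;
    esac
}

# Constructed sample input, shaped like the output shown in steps 4 and 5
SAMPLE_RULES='-A IN_public_allow -p tcp -m tcp --dport 55555 -m conntrack --ctstate NEW -j ACCEPT'
SAMPLE_SOCKETS='tcp6 0 0 :::80 :::* LISTEN
tcp6 0 0 :::55555 :::* LISTEN'

port_state 55555 "$SAMPLE_RULES" "$SAMPLE_SOCKETS"
# On a live host (as root): port_state 55555 "$(iptables-save)" "$(netstat -na)"
```

An "allowed-no-listener" result after a service is decommissioned indicates a firewall rule that can be removed.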