07.23.2008 at 07:08PM PDT, ID: 23590814 | Points: 250
Having problems allowing ports 9001 and higher UDP through iptables when using Plesk firewall module.

Asked by norgan in Linux Network Security

Tags: centos, plesk firewall, high udp ports

Cannot get anything on ports higher than 9000 working. I have used the Plesk firewall module to apply rules and the tables look fine; however, no connections are possible from 9001~9005.

I can't work out if this is a Plesk issue or a CentOS issue.
Netstat output:
 
udp        0      0 208.96.161.125:8999         0.0.0.0:*
udp        0      0 208.96.161.122:8999         0.0.0.0:*
udp        0      0 208.96.161.120:8999         0.0.0.0:*
udp        0      0 208.96.161.121:8999         0.0.0.0:*
udp        0      0 208.96.161.118:8999         0.0.0.0:*
udp        0      0 208.96.161.125:9000         0.0.0.0:*
udp        0      0 208.96.161.123:9000         0.0.0.0:*
udp        0      0 208.96.161.122:9000         0.0.0.0:*
udp        0      0 208.96.161.120:9000         0.0.0.0:*
udp        0      0 208.96.161.121:9000         0.0.0.0:*
udp        0      0 208.96.161.118:9000         0.0.0.0:*
udp        0      0 208.96.161.125:9001         0.0.0.0:*
udp        0      0 208.96.161.122:9001         0.0.0.0:*
udp        0      0 208.96.161.125:9002         0.0.0.0:*
udp        0      0 208.96.161.125:9003         0.0.0.0:*
udp        0      0 208.96.161.125:9004         0.0.0.0:*
 
 
Iptables :
 
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
REJECT     tcp  --  anywhere             anywhere            tcp flags:!FIN,SYN,RST,ACK/SYN reject-with tcp-reset
DROP       all  --  anywhere             anywhere            state INVALID
ACCEPT     all  --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:vcom-tunnel
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:teradataordbms
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:8003
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:8004
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:8005
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:8895
ACCEPT     udp  --  anywhere             anywhere            udp dpt:8895
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:8896
ACCEPT     udp  --  anywhere             anywhere            udp dpt:8896
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:8897
ACCEPT     udp  --  anywhere             anywhere            udp dpt:8897
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:8898
ACCEPT     udp  --  anywhere             anywhere            udp dpt:8898
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:8899
ACCEPT     udp  --  anywhere             anywhere            udp dpt:8899
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:bctp
ACCEPT     udp  --  anywhere             anywhere            udp dpt:bctp
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:cslistener
ACCEPT     udp  --  anywhere             anywhere            udp dpt:cslistener
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:etlservicemgr
ACCEPT     udp  --  anywhere             anywhere            udp dpt:etlservicemgr
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:dynamid
ACCEPT     udp  --  anywhere             anywhere            udp dpt:dynamid
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:9003
ACCEPT     udp  --  anywhere             anywhere            udp dpt:9003
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:9004
ACCEPT     udp  --  anywhere             anywhere            udp dpt:9004
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:9005
ACCEPT     udp  --  anywhere             anywhere            udp dpt:9005
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:pcsync-https
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:cddbp-alt
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:https
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ftp
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:submission
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:smtp
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:smtps
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:pop3
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:pop3s
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:imap
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:imaps
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:poppassd
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:mysql
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:postgres
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:9008
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:glrpc
ACCEPT     udp  --  anywhere             anywhere            udp dpt:netbios-ns
ACCEPT     udp  --  anywhere             anywhere            udp dpt:netbios-dgm
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:netbios-ssn
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:microsoft-ds
ACCEPT     udp  --  anywhere             anywhere            udp dpt:openvpn
ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:domain
ACCEPT     icmp --  anywhere             anywhere            icmp type 8 code 0
DROP       all  --  anywhere             anywhere
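
An added example, not part of the original post: a cross-check of UDP listeners against the ACCEPT rules in an `iptables -L` listing, resolving the service names that appear when `-n` is omitted and flagging rules whose interface match is not shown without `-v`. The name-to-port table and the listener on port 9006 are assumptions made for the example; the other sample lines are taken from the output above.

```python
import re

# Names `iptables -L` prints without -n, mapped to IANA ports (assumed table).
SERVICES = {"bctp": 8999, "cslistener": 9000, "etlservicemgr": 9001, "dynamid": 9002}

# Lines taken from the post, plus one constructed listener on 9006.
NETSTAT = """\
udp        0      0 208.96.161.125:9001         0.0.0.0:*
udp        0      0 208.96.161.125:9004         0.0.0.0:*
udp        0      0 208.96.161.125:9006         0.0.0.0:*
"""
IPTABLES = """\
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere
ACCEPT     udp  --  anywhere             anywhere            udp dpt:etlservicemgr
ACCEPT     udp  --  anywhere             anywhere            udp dpt:9004
DROP       all  --  anywhere             anywhere
"""

def udp_listeners(text):
    """Local UDP ports from netstat lines (4th field is addr:port)."""
    return {int(f[3].rsplit(":", 1)[1])
            for f in map(str.split, text.splitlines())
            if len(f) >= 4 and f[0].startswith("udp")}

def audit_input_chain(text):
    """Return (allowed UDP ports, rule numbers whose match may be hidden)."""
    allowed, ambiguous = set(), []
    for n, line in enumerate(text.splitlines()[2:], start=1):
        f = line.split()
        if len(f) < 5:
            continue
        target, proto, opts = f[0], f[1], " ".join(f[5:])
        if proto == "all" and not opts:
            if target == "DROP":
                break                # catch-all: later rules never match
            ambiguous.append(n)      # -L omits -i/-o; confirm with -L -n -v
        m = re.search(r"\bdpt:(\S+)", opts)
        if target == "ACCEPT" and proto == "udp" and m:
            name = m.group(1)
            allowed.add(int(name) if name.isdigit() else SERVICES.get(name, -1))
    return allowed - {-1}, ambiguous

def unmatched_listeners():
    """UDP listeners with no ACCEPT rule, plus rules needing a -v re-check."""
    allowed, ambiguous = audit_input_chain(IPTABLES)
    return sorted(udp_listeners(NETSTAT) - allowed), ambiguous
```

Running `iptables -L INPUT -n -v` on the host gives numeric ports and the in/out interface columns, which removes both the name lookup and the ambiguity this script flags.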
 