?
Solved

block the port using RHEL inbulit firewall

Posted on 2008-06-22
6
Medium Priority
?
637 Views
Last Modified: 2008-07-30
Hi,
kindly let me know how to block the port using RHEL inbulit firewall

Thanks in advance
Naresh
0
Comment
Question by:sitg
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
6 Comments
 
LVL 19

Expert Comment

by:http:// thevpn.guru
ID: 21840491
iptables -A INPUT -p tcp --dport 21 -j DROP

Change the port number
0
 
LVL 16

Expert Comment

by:Blaz
ID: 21843886
Or for the rule to work for sure use:
iptables -I INPUT -p tcp --dport 21 -j DROP

Rule order is important - the above rule inserts the rule to the start of firewall chain and drops the packet as soon as the firewall chain gets processed.
0
 
LVL 19

Expert Comment

by:Gabriel Orozco
ID: 21931408
If the port is not trusted it should be in state disabled.<br><br>check here: <br><a rel="nofollow" href="http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/sysadmin-guide/s1-redhat-config-kickstart-firewall.html" target="_blank">http://www.redhat.com/docs<wbr>/manuals/e<wbr>nterprise/<wbr>RHEL-4-Man<wbr>ual/<wbr>sysadm<wbr>in-guide/s<wbr>1-redhat-c<wbr>onfig-kick<wbr>start-fire<wbr>wall.html</a><br><br>if it is enabled, just click in the checkbox.<br><br>the other way, much in the form previously described, is to insert the blocking rule as Blaz and shakoush2001 described, test it block the port you were looking for, and THEN sve the rules so the change is made permanent:<br><br>/sbin/service iptables save<br><br>that's it.<br>you can get much more information here:<br><a rel="nofollow" href="http://searchenterpriselinux.techtarget.com/tip/0,289483,sid39_gci1162861,00.html" target="_blank">http://searchenterpriselin<wbr>ux.techtar<wbr>get.com/ti<wbr>p/<wbr>0,289483<wbr>,sid39_gci<wbr>1162861,00<wbr>.html</a>
0
 
LVL 19

Accepted Solution

by:
Gabriel Orozco earned 1000 total points
ID: 22096801
er.. I object

my post was incorrectly pasted, but it say how to block the port *using the built in redhat firewall* as the user requested.

let me copy it by hand here:
If the port is not trusted it should be in state disabled.

check here: http://www.redhat.com/docs<wbr>/manuals/e<wbr>nterprise/

which is the RHEL-4-Man sysadmin-guide. it says:
if it is enabled, just click in the checkbox and save.

the other way, much in the form previously described, is to insert the blocking rule as Blaz and shakoush2001 described, test it block the port you were looking for, and THEN save the rules so the change is made permanent:

/sbin/service iptables save

that's it.

you can get much more information here:
http://searchenterpriselinux.techtarget.com/tip/0,289483,sid39_gci1162861,00.html

hope this time it got posted correctly.       
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
Fine Tune your automatic Updates for Ubuntu / Debian
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses
Course of the Month11 days, 1 hour left to enroll

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question