Solved

block the port using RHEL inbulit firewall

Posted on 2008-06-22
6
630 Views
Last Modified: 2008-07-30
Hi,
kindly let me know how to block the port using RHEL inbulit firewall

Thanks in advance
Naresh
0
Comment
Question by:sitg
  • 2
6 Comments
 
LVL 19

Expert Comment

by:http:// thevpn.guru
ID: 21840491
iptables -A INPUT -p tcp --dport 21 -j DROP

Change the port number
0
 
LVL 16

Expert Comment

by:Blaz
ID: 21843886
Or for the rule to work for sure use:
iptables -I INPUT -p tcp --dport 21 -j DROP

Rule order is important - the above rule inserts the rule to the start of firewall chain and drops the packet as soon as the firewall chain gets processed.
0
 
LVL 19

Expert Comment

by:Gabriel Orozco
ID: 21931408
If the port is not trusted it should be in state disabled.<br><br>check here: <br><a rel="nofollow" href="http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/sysadmin-guide/s1-redhat-config-kickstart-firewall.html" target="_blank">http://www.redhat.com/docs<wbr>/manuals/e<wbr>nterprise/<wbr>RHEL-4-Man<wbr>ual/<wbr>sysadm<wbr>in-guide/s<wbr>1-redhat-c<wbr>onfig-kick<wbr>start-fire<wbr>wall.html</a><br><br>if it is enabled, just click in the checkbox.<br><br>the other way, much in the form previously described, is to insert the blocking rule as Blaz and shakoush2001 described, test it block the port you were looking for, and THEN sve the rules so the change is made permanent:<br><br>/sbin/service iptables save<br><br>that's it.<br>you can get much more information here:<br><a rel="nofollow" href="http://searchenterpriselinux.techtarget.com/tip/0,289483,sid39_gci1162861,00.html" target="_blank">http://searchenterpriselin<wbr>ux.techtar<wbr>get.com/ti<wbr>p/<wbr>0,289483<wbr>,sid39_gci<wbr>1162861,00<wbr>.html</a>
0
 
LVL 19

Accepted Solution

by:
Gabriel Orozco earned 250 total points
ID: 22096801
er.. I object

my post was incorrectly pasted, but it say how to block the port *using the built in redhat firewall* as the user requested.

let me copy it by hand here:
If the port is not trusted it should be in state disabled.

check here: http://www.redhat.com/docs<wbr>/manuals/e<wbr>nterprise/

which is the RHEL-4-Man sysadmin-guide. it says:
if it is enabled, just click in the checkbox and save.

the other way, much in the form previously described, is to insert the blocking rule as Blaz and shakoush2001 described, test it block the port you were looking for, and THEN save the rules so the change is made permanent:

/sbin/service iptables save

that's it.

you can get much more information here:
http://searchenterpriselinux.techtarget.com/tip/0,289483,sid39_gci1162861,00.html

hope this time it got posted correctly.       
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
Fine Tune your automatic Updates for Ubuntu / Debian
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

26 Experts available now in Live!

Get 1:1 Help Now