Solved

block the port using RHEL inbuilt firewall

Posted on 2008-06-22
6
628 Views
Last Modified: 2008-07-30
Hi,
Kindly let me know how to block the port using the RHEL inbuilt firewall.

Thanks in advance
Naresh
Question by:sitg
LVL 19

Expert Comment

by:http:// thevpn.guru
iptables -A INPUT -p tcp --dport 21 -j DROP

Change the port number
0
 
LVL 16

Expert Comment

by:Blaz
Or for the rule to work for sure use:
iptables -I INPUT -p tcp --dport 21 -j DROP

Rule order is important - the above command inserts the rule at the start of the firewall chain and drops the packet as soon as the firewall chain gets processed.
0
 
LVL 19

Expert Comment

by:Redimido
If the port is not trusted it should be in state disabled.

check here:
http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/sysadmin-guide/s1-redhat-config-kickstart-firewall.html

if it is enabled, just click in the checkbox.

the other way, much in the form previously described, is to insert the blocking rule as Blaz and shakoush2001 described, test that it blocks the port you were looking for, and THEN save the rules so the change is made permanent:

/sbin/service iptables save

that's it.
you can get much more information here:
http://searchenterpriselinux.techtarget.com/tip/0,289483,sid39_gci1162861,00.html
0
 
LVL 19

Accepted Solution

by:
Redimido earned 250 total points
er.. I object

my post was incorrectly pasted, but it says how to block the port *using the built in redhat firewall* as the user requested.

let me copy it by hand here:
If the port is not trusted it should be in state disabled.

check here: http://www.redhat.com/docs/manuals/enterprise/

which is the RHEL-4-Man sysadmin-guide. it says:
if it is enabled, just click in the checkbox and save.

the other way, much in the form previously described, is to insert the blocking rule as Blaz and shakoush2001 described, test that it blocks the port you were looking for, and THEN save the rules so the change is made permanent:

/sbin/service iptables save

that's it.

you can get much more information here:
http://searchenterpriselinux.techtarget.com/tip/0,289483,sid39_gci1162861,00.html

hope this time it got posted correctly.
0
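The rule-order point raised in the thread (`-A` appends, `-I` inserts at the top, first match wins), as an added example that is not part of the original answers: a small checker that reads `iptables-save` output and reports which rule decides a new TCP connection to a port. The function names `sample_rules` and `first_verdict` are hypothetical, the ruleset is constructed, and the checker only models a flat filter `INPUT` chain with `-p`/`--dport` matches; rules with any other match are skipped.

```shell
#!/bin/sh
# Added illustration, not code from the thread. The ruleset below is constructed.
# sample_rules MODE: MODE=append mimics "iptables -A", MODE=insert mimics "iptables -I".
sample_rules() {
    drop='-A INPUT -p tcp -m tcp --dport 21 -j DROP'
    printf '%s\n' '*filter' ':INPUT ACCEPT [0:0]'
    [ "$1" = insert ] && printf '%s\n' "$drop"
    printf '%s\n' '-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT' \
                  '-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT' \
                  '-A INPUT -j REJECT --reject-with icmp-host-prohibited'
    [ "$1" = append ] && printf '%s\n' "$drop"
    printf '%s\n' 'COMMIT'
}

# first_verdict PORT: reads iptables-save output on stdin and prints the target of
# the first filter/INPUT rule that decides a new TCP connection to PORT, or
# "policy:<POLICY>" if no rule does. Simplification (assumption): rules carrying
# matches other than -p/--dport (state, source address, interface) are skipped.
first_verdict() {
    awk -v port="$1" '
    /^\*/ { table = $1; next }                 # table header, e.g. *filter
    table != "*filter" { next }
    $1 == ":INPUT" { policy = $2; next }       # chain policy line
    $1 != "-A" || $2 != "INPUT" { next }
    {
        proto = ""; dport = ""; target = ""; unmodelled = 0
        for (i = 3; i <= NF; i++) {
            if ($i == "-p") proto = $(++i)
            else if ($i == "--dport") dport = $(++i)
            else if ($i == "-m") i++           # module name, e.g. "-m tcp"
            else if ($i == "-j") { target = $(i + 1); break }
            else unmodelled = 1
        }
        if (unmodelled || (proto != "" && proto != "tcp")) next
        if (dport != "" && dport != port) next
        if (target ~ /^(ACCEPT|DROP|REJECT)$/) { print target; decided = 1; exit }
    }
    END { if (!decided) print "policy:" policy }'
}

# Appended DROP sits behind the earlier ACCEPT, so port 21 stays open.
echo "append: $(sample_rules append | first_verdict 21)"
# Inserted DROP is evaluated first, so port 21 is blocked.
echo "insert: $(sample_rules insert | first_verdict 21)"
```

On a real host, `iptables-save | first_verdict 21` (run as root) applies the same check to the live ruleset before `/sbin/service iptables save` makes it permanent.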
