Solved

block the port using RHEL inbulit firewall

Posted on 2008-06-22
6
631 Views
Last Modified: 2008-07-30
Hi,
kindly let me know how to block the port using RHEL inbulit firewall

Thanks in advance
Naresh
0
Comment
Question by:sitg
  • 2
6 Comments
 
LVL 19

Expert Comment

by:http:// thevpn.guru
ID: 21840491
iptables -A INPUT -p tcp --dport 21 -j DROP

Change the port number
0
 
LVL 16

Expert Comment

by:Blaz
ID: 21843886
Or for the rule to work for sure use:
iptables -I INPUT -p tcp --dport 21 -j DROP

Rule order is important - the above rule inserts the rule to the start of firewall chain and drops the packet as soon as the firewall chain gets processed.
0
 
LVL 19

Expert Comment

by:Gabriel Orozco
ID: 21931408
If the port is not trusted it should be in state disabled.<br><br>check here: <br><a rel="nofollow" href="http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/sysadmin-guide/s1-redhat-config-kickstart-firewall.html" target="_blank">http://www.redhat.com/docs<wbr>/manuals/e<wbr>nterprise/<wbr>RHEL-4-Man<wbr>ual/<wbr>sysadm<wbr>in-guide/s<wbr>1-redhat-c<wbr>onfig-kick<wbr>start-fire<wbr>wall.html</a><br><br>if it is enabled, just click in the checkbox.<br><br>the other way, much in the form previously described, is to insert the blocking rule as Blaz and shakoush2001 described, test it block the port you were looking for, and THEN sve the rules so the change is made permanent:<br><br>/sbin/service iptables save<br><br>that's it.<br>you can get much more information here:<br><a rel="nofollow" href="http://searchenterpriselinux.techtarget.com/tip/0,289483,sid39_gci1162861,00.html" target="_blank">http://searchenterpriselin<wbr>ux.techtar<wbr>get.com/ti<wbr>p/<wbr>0,289483<wbr>,sid39_gci<wbr>1162861,00<wbr>.html</a>
0
 
LVL 19

Accepted Solution

by:
Gabriel Orozco earned 250 total points
ID: 22096801
er.. I object

my post was incorrectly pasted, but it say how to block the port *using the built in redhat firewall* as the user requested.

let me copy it by hand here:
If the port is not trusted it should be in state disabled.

check here: http://www.redhat.com/docs<wbr>/manuals/e<wbr>nterprise/

which is the RHEL-4-Man sysadmin-guide. it says:
if it is enabled, just click in the checkbox and save.

the other way, much in the form previously described, is to insert the blocking rule as Blaz and shakoush2001 described, test it block the port you were looking for, and THEN save the rules so the change is made permanent:

/sbin/service iptables save

that's it.

you can get much more information here:
http://searchenterpriselinux.techtarget.com/tip/0,289483,sid39_gci1162861,00.html

hope this time it got posted correctly.       
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

​Being a Managed Services Provider (MSP) has presented you  with challenges in the past— and by meeting those challenges you’ve reaped the rewards of success.  In 2014, challenges and rewards remain; but as the Internet and business environment evol…
Hello EE, Today we will learn how to send all your network traffic through Tor which is useful to get around censorship and being tracked all together to a certain degree. This article assumes you will be using Linux, have a minimal knowledge of …
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question