Allow traffic in RHEL

Greetings Experts

How do I allow traffic into RHEL5 server on AWS? I'm guessing that my firewall is not allowing traffic in, since I get "connection timed out", nor can I access webmin on port 10000.

The service is activated and ports 80,22,10000 are listening.

Should this work?

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 10000 -j ACCEPT

P.S. Server is on AWS cloud
Daniel993 Asked:

Blaz Commented:
Yes, the rule looks right. You could temporarily shut down the firewall completely:
/etc/init.d/iptables stop

This will give you an idea whether the firewall is the problem or something else is.
0
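Added example (not part of the original thread or either poster's code): an ACCEPT rule like the one in the question only takes effect if it sits above the chain's catch-all REJECT, so this script checks rule order in a saved ruleset. The sample ruleset is constructed in the usual RHEL 5 layout, and `port_verdict` and `sample_rules` are hypothetical helper names; it inspects only the host's iptables, not any filtering in front of the server.

```shell
#!/bin/sh
# port_verdict CHAIN PORT  (reads iptables-save style rules on stdin)
# Prints ACCEPT   if an ACCEPT rule for --dport PORT precedes any catch-all REJECT/DROP,
#        SHADOWED if such a rule exists but only after the catch-all (it never matches),
#        NO-RULE  if the chain has no ACCEPT rule for that exact port.
port_verdict() {
    awk -v chain="$1" -v port="$2" '
        $1 != "-A" || $2 != chain { next }   # only rules appended to this chain
        {
            dport = ""; target = ""
            for (i = 3; i < NF; i++) {
                if ($i == "--dport") dport = $(i + 1)
                if ($i == "-j")      target = $(i + 1)
            }
            # A rule with no match options ("-A chain -j REJECT ...") ends the chain.
            if ($3 == "-j" && (target == "REJECT" || target == "DROP")) { blocked = 1 }
            if (dport == port && target == "ACCEPT" && verdict == "") {
                verdict = blocked ? "SHADOWED" : "ACCEPT"
            }
        }
        END { print (verdict == "" ? "NO-RULE" : verdict) }
    '
}

# Constructed sample ruleset: the port 10000 rule was added below the REJECT line.
# The "-i lo" rule is why a telnet to localhost succeeds regardless of the rest.
sample_rules() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 10000 -j ACCEPT
COMMIT
EOF
}

# On a real server, pipe in the live rules instead:
#   iptables-save | port_verdict RH-Firewall-1-INPUT 10000
for p in 22 80 10000 443; do
    printf '%s/tcp: %s\n' "$p" "$(sample_rules | port_verdict RH-Firewall-1-INPUT "$p")"
done
```

A SHADOWED result means the ACCEPT line has to be moved above the REJECT line before the firewall is reloaded.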

Daniel993 Author Commented:
Still getting the following:

Connection Interrupted
The connection to the server was reset while the page was loading.
The network link was interrupted while negotiating a connection. Please try again.

Guess it wasn't the firewall after all

Daniel
0
Blaz Commented:
Please describe more about where you are testing from and where to:

I am not familiar with AWS so I don't know if there are any limitations on connections to the server (firewalls before the server - not iptables).

What about firewalls on the net you are testing from? Do they allow connections on port 10000?

What about if you issue the command:
telnet localhost 10000
on the server itself - does it connect? If it connects, type:
GET /
(capital letters GET, space, slash, enter at the end - type even if you do not see the characters as you write)
Do you get a response?
0

Daniel993 Author Commented:

Sorry for the delay. For 10000 got this:

[root@domU-12-31-39-03-49-57:~] telnet localhost 10000
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
GET /
HTTP/1.0 400 Bad Request
Server: MiniServ/0.01
Date: Sat, 4 Jul 2009 21:05:45 GMT
Content-type: text/html
Connection: close

<h1>Error - Bad Request</h1>
Connection closed by foreign host.

But for port 80 got the response below:

[root@domU-12-31-39-03-49-57:~] telnet localhost 80
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
GET /
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/                                             DTD/xhtml11.dtd">
 
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
        <head>
                <title>Test Page for the Apache HTTP Server on Red Hat Enterpris                                             e Linux</title>
                <meta http-equiv="Content-Type" content="text/html; charset=UTF-                                             8" />
                <style type="text/css">
                        /*<![CDATA[*/
                        body {
                                background-color: #fff;
                                color: #000;
                                font-size: 0.9em;
                                font-family: sans-serif,helvetica;
                                margin: 0;
                                padding: 0;
                        }
                        :link {
                                color: #c00;
                        }
                        :visited {
                                color: #c00;
                        }
                        a:hover {
                                color: #f50;
                        }
                        h1 {
                                text-align: center;
                                margin: 0;
                                padding: 0.6em 2em 0.4em;
                                background-color: #900;
                                color: #fff;
                                font-weight: normal;
                                font-size: 1.75em;
                                border-bottom: 2px solid #000;
                        }
                        h1 strong {
                                font-weight: bold;
                        }
                        h2 {
                                font-size: 1.1em;
                                font-weight: bold;
                        }
                        hr {
                                display: none;
                        }
                        .content {
                                padding: 1em 5em;
                        }
                        .content-columns {
                                /* Setting relative positioning allows for
                                absolute positioning for sub-classes */
                                position: relative;
                                padding-top: 1em;
                        }
                        .content-column-left {
                                /* Value for IE/Win; will be overwritten for oth                                             er browsers */
                                width: 47%;
                                padding-right: 3%;
                                float: left;
                                padding-bottom: 2em;
                        }
                        .content-column-left hr {
                                display: none;
                        }
                        .content-column-right {
                                /* Values for IE/Win; will be overwritten for ot                                             her browsers */
                                width: 47%;
                                padding-left: 3%;
                                float: left;
                                padding-bottom: 2em;
                        }
                        .content-columns>.content-column-left, .content-columns>                                             .content-column-right {
                                /* Non-IE/Win */
                        }
                        img {
                                border: 2px solid #fff;
                                padding: 2px;
                                margin: 2px;
                        }
                        a:hover img {
                                border: 2px solid #f50;
                        }
                        /*]]>*/
                </style>
        </head>
 
        <body>
                <h1>Red Hat Enterprise Linux <strong>Test Page</strong></h1>
 
                <div class="content">
                        <div class="content-middle">
                                <p>This page is used to test the proper operatio                                             n of the Apache HTTP server after it has been installed. If you can read this pa                                             ge, it means that the Apache HTTP server installed at this site is working prope                                             rly.</p>
                        </div>
                        <hr />
 
                        <div class="content-columns">
                                <div class="content-column-left">
                                        <h2>If you are a member of the general p                                             ublic:</h2>
 
                                        <p>The fact that you are seeing this pag                                             e indicates that the website you just visited is either experiencing problems, o                                             r is undergoing routine maintenance.</p>
 
                                        <p>If you would like to let the administ                                             rators of this website know that you've seen this page instead of the page you e                                             xpected, you should send them e-mail. In general, mail sent to the name "webmast                                             er" and directed to the website's domain should reach the appropriate person.</p                                             >
 
                                        <p>For example, if you experienced probl                                             ems while visiting www.example.com, you should send e-mail to "webmaster@example                                             .com".</p>
 
                                        <p>For information on Red Hat Enterprise                                              Linux, please visit the <a href="http://www.redhat.com/">Red Hat, Inc. website<                                             /a>. The documentation for Red Hat Enterprise Linux is <a href="http://www.redha                                             t.com/docs/manuals/enterprise/">available on the Red Hat, Inc. website</a>.</p>
                                        <hr />
                                </div>
 
                                <div class="content-column-right">
                                        <h2>If you are the website administrator                                             :</h2>
 
                                        <p>You may now add content to the direct                                             ory <tt>/var/www/html/</tt>. Note that until you do so, people visiting your web                                             site will see this page, and not your content. To prevent this page from ever be                                             ing used, follow the instructions in the file <tt>/etc/httpd/conf.d/welcome.conf                                             </tt>.</p>
 
                                        <p>You are free to use the image below o                                             n web sites powered by the Apache HTTP Server:</p>
 
                                        <p align="center"><a href="http://httpd.                                             apache.org/"><img src="/icons/apache_pb2.gif" alt="[ Powered by Apache ]"/></a><                                             /p>
 
                                </div>
                        </div>
                </div>
        </body>
</html>
Connection closed by foreign host.


0
Blaz Commented:
The server is up and running on ports 80 and 10000.

Now what do you get if you issue those same commands from other computers - your local computer, some other servers etc.?

By this you can figure out where the connection (firewall) problems occur - perhaps on your local network etc.

On the other hand if you get the same response from other locations then you might have some other problems like MTU size and IP packet fragmenting or similar.
0
Daniel993 Author Commented:
Received this message when running telnet localhost 80 and then GET / on my computer.

HTTP/1.1 501 Not Implemented

Connection closed by local host

I'm gonna fiddle with the firewall a little more and see if I turned it off properly...
0
Blaz Commented:
It seems that you got TCP and HTTP connection through - no firewall was blocking you.

501 error should probably not happen - it means the server did not understand your command (and every HTTP server should understand the GET command). You probably made a typo when typing the command in. Try to do it again and don't forget to use all caps.
0
Daniel993 Author Commented:
Thanks, you gave some very useful pointers. A little more research and I should be able to figure it out.
0