Solved

How to open port 1521 and port 1158 on redhat

Posted on 2011-09-05
11
19,644 Views
Last Modified: 2012-05-12
I want to know how to open port 1521 et 1158 (for oracle ...) on redhat linux.

I have used the procedure bellow but it doesn't seem to work


#vi /etc/sysconfig/iptables


add this line
# -A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 1158 -j ACCEPT
# -A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 1521 -j ACCEPT

Restart IPTABLES
# /etc/init.d/iptables restart

verify that the ports are open
#netstat | grep 1158
#netstat | grep 1521
0
Comment
Question by:cismoney
  • 5
  • 5
11 Comments
 
LVL 29

Expert Comment

by:fosiul01
Comment Utility
are there any services running on port 1158 and 1521 ??

netstat output will only show if somethign is runnign on those port
0
 

Author Comment

by:cismoney
Comment Utility
yes some oracle services are supposed to run on these ports. the dba told me to open these sports
0
 
LVL 29

Expert Comment

by:fosiul01
Comment Utility
telnet you can telnet to those port

telnet localhost   1158

or

telnet ip-of-server 1158

see if you can connect or not
0
 

Author Comment

by:cismoney
Comment Utility
can't connect via telnet

here is the output

# telnet localhost 1158
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.

Open in new window

0
 
LVL 29

Expert Comment

by:fosiul01
Comment Utility
the output shows its connected   ::: Escape character is '^]'.


here you trying from localhost

could you try from another computer in your network ??


from different computer in your network  (xp or another linux)

telnet ip-of-server 1158

0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:cismoney
Comment Utility
the result is the same
0
 
LVL 29

Expert Comment

by:fosiul01
Comment Utility
if you can telnet to  1158 from out side of the server
which mean, the port is opened


Now if you cant telnet 1521 from out side of server
which means , the services is not enabled on that port

or you have not open that port from firewall  

but by looking at yoru question, its lik port 1521 (tcp ) is open

do this

lsof -iTCP | grep 1521

lsof -iTCP | grep 1558

see what runnign on those port




0
 

Author Comment

by:cismoney
Comment Utility
i just typed these two command and there is no output
0
 
LVL 29

Expert Comment

by:fosiul01
Comment Utility

sorry its 1158  not 1558



lsof -iTCP | grep 1158
0
 
LVL 76

Accepted Solution

by:
arnold earned 500 total points
Comment Utility
As fosiul01 pointed
lsof -i:<portnumber>
if there is a process that is bound to this port, you will get the listing.

The procedure you followed depends on where you placed those two lines.
Presumably you do not have an explicit deny after which you add the referenced lines.

Try this:
iptables -L RH-Firewall-1-INPUT --line-numbers

iptables -I RH-Firewall-1-INPUT <x> -p tcp –dport 1158 -j ACCEPT
iptables -I RH-Firewall-1-INPUT <x> -p tcp –dport 1121 -j ACCEPT

(running the above commands makes the changes effective immediately but a restart of the iptables or the system will revert back since these changes are unsaved until you run /etc/init.d/iptables save)

Where <x> is replaced with a row number (depending on how many lines in your existing chain, 4,5 or 6 should be fine to use.  Make sure you do not have a Deny/Reject rule after which you are adding these entries.

Double check that you did not alter the ports
http://download.oracle.com/docs/cd/B19306_01/install.102/b15660/app_port.htm

netstat -an | egrep '(1158|1121)'

Fosiul01 pointed out that the connection is made, but the process might involve encryption which might explain why you are not seing anything after the connection is established.
0
 

Author Comment

by:cismoney
Comment Utility
it worked !!! thanx. i just found out  this command
 #system-config-securitylevel

Open in new window



its very easy to use, it display the firewall graphical interface with xterm
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now