Solved

CentOS Open a Port

Posted on 2012-03-20
5
358 Views
Last Modified: 2012-03-21
I am trying to open port 80 & 443 to everyone.  My et/sysconfig/iptables looks like:

# Generated by iptables-save v1.3.5 on Tue Mar 20 19:14:47 2012
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [133643:8702644]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 5901 -j ACCEPT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p esp -j ACCEPT
-A RH-Firewall-1-INPUT -p ah -j ACCEPT
-A RH-Firewall-1-INPUT -d 224.0.0.251 -p udp -m udp --dport 5353 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Tue Mar 20 19:14:47 2012
"/etc/sysconfig/iptables" 23L, 1071C


When i test the ports with a port query tool it tells me they are not open.  What did i miss?
0
Comment
Question by:deklinm
5 Comments
 
LVL 21

Accepted Solution

by:
Papertrip earned 500 total points
ID: 37745638
Are you sure Apache is running when you run the port scan?

Do you have anything in /etc/hosts.allow or /etc/hosts.deny ?
0
 

Author Comment

by:deklinm
ID: 37745648
/etc/hosts.allow or /etc/hosts.deny are both empty

Apache is not running
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 37745655
Start up Apache and run the port scan again.
0
 
LVL 5

Expert Comment

by:1ly4me
ID: 37746365
What about IPTables and Firewall? Are they running?
0
 
LVL 4

Expert Comment

by:JZeolla
ID: 37746793
Your syntax seems correct.  

First make sure you start up whatever is going to be connecting to port 80.  Then verify that the system is listening on port 80 using:
netstat --listen -an | awk '/LISTEN/ && /:80 / && /tcp/'

Now run your port scan.  Since it's a tcp port scan, it requires a response to be considered 'up' and therefore it needs to have traffic allowed in addition to a listening service on that server's port 80.
0

Featured Post

Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Over the last ten+ years I have seen Linux configuration tools come and go. In the early days there was the tried-and-true, all-powerful linuxconf that many thought would remain the one and only Linux configuration tool until the end of times. Well,…
Little introduction about CP: CP is a command on linux that use to copy files and folder from one location to another location. Example usage of CP as follow: cp /myfoder /pathto/destination/folder/ cp abc.tar.gz /pathto/destination/folder/ab…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question