Solved

CentOS Open a Port

Posted on 2012-03-20
5
351 Views
Last Modified: 2012-03-21
I am trying to open port 80 & 443 to everyone.  My et/sysconfig/iptables looks like:

# Generated by iptables-save v1.3.5 on Tue Mar 20 19:14:47 2012
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [133643:8702644]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 5901 -j ACCEPT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p esp -j ACCEPT
-A RH-Firewall-1-INPUT -p ah -j ACCEPT
-A RH-Firewall-1-INPUT -d 224.0.0.251 -p udp -m udp --dport 5353 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Tue Mar 20 19:14:47 2012
"/etc/sysconfig/iptables" 23L, 1071C


When i test the ports with a port query tool it tells me they are not open.  What did i miss?
0
Comment
Question by:deklinm
5 Comments
 
LVL 21

Accepted Solution

by:
Papertrip earned 500 total points
ID: 37745638
Are you sure Apache is running when you run the port scan?

Do you have anything in /etc/hosts.allow or /etc/hosts.deny ?
0
 

Author Comment

by:deklinm
ID: 37745648
/etc/hosts.allow or /etc/hosts.deny are both empty

Apache is not running
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 37745655
Start up Apache and run the port scan again.
0
 
LVL 5

Expert Comment

by:1ly4me
ID: 37746365
What about IPTables and Firewall? Are they running?
0
 
LVL 4

Expert Comment

by:JZeolla
ID: 37746793
Your syntax seems correct.  

First make sure you start up whatever is going to be connecting to port 80.  Then verify that the system is listening on port 80 using:
netstat --listen -an | awk '/LISTEN/ && /:80 / && /tcp/'

Now run your port scan.  Since it's a tcp port scan, it requires a response to be considered 'up' and therefore it needs to have traffic allowed in addition to a listening service on that server's port 80.
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Over the last ten+ years I have seen Linux configuration tools come and go. In the early days there was the tried-and-true, all-powerful linuxconf that many thought would remain the one and only Linux configuration tool until the end of times. Well,…
Using 'screen' for session sharing, The Simple Edition Step 1: user starts session with command: screen Step 2: other user (logged in with same user account) connects with command: screen -x Done. Both users are connected to the same CLI sessio…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question