Solved

open port 9000 on Centos 5.9 Linux

Posted on 2014-01-27
17
2,200 Views
Last Modified: 2014-01-27
Hi,

when I use this command:
iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 9000 -j ACCEPT -m comment --comment "Xdebug port"
iptables: Unknown error 4294967295
root@ip-184-168-116-73 [~]#

I researched and some said it could be related to the virtualization like OpenVZ. But I contacted Godaddy tech for the VPS and he couldn't tell me the virtulization. BTW, just my two cents the tech for Godaddy and in general I find it terrible. Don't use them. I've used other VPS providers and the other providers like Bluehost are much, much more helpful when things go wrong. But Godaddy's support is pretty poor and their general reply is find the solution yourself.

the tech said that a simple iptables INPUT will work. So what is a simpler version of this command to open up this port?

Thank you =)
0
Comment
Question by:Victor Kimura
  • 9
  • 8
17 Comments
 
LVL 19

Accepted Solution

by:
Patricksr1972 earned 500 total points
ID: 39812992
Familiar command :)

Just a simpler command? Try


iptables -A INPUT -p tcp --dport 9000 -j ACCEPT
iptables -A OUTPUT -p tcp --sport 9000 -j ACCEPT

D= destination so incoming
S= source so outgoing.
0
 

Author Comment

by:Victor Kimura
ID: 39813039
@Patricksr1972,

ok, that worked without errors.

1) What's wrong with the long version then?

2) How can I update an iptables entry? Just curious.

3) How do I make sure that port is opened for outbound and inbound?
0
 
LVL 19

Assisted Solution

by:Patricksr1972
Patricksr1972 earned 500 total points
ID: 39813048
Hi

The long one is brilliant and clear for future maintenance but if they dont support it iTS their bad.

What do you mean by update an entry?
0
 

Author Comment

by:Victor Kimura
ID: 39813055
Oh, like update and add an comment to it so I know why I opened that port.

I tried to telnet from my Windows 7 machine:

telnet 184.168.116.73 9000 and it states that it can't connect. So does this mean that the VPS still cannot accept connections on port 9000?
0
 
LVL 19

Assisted Solution

by:Patricksr1972
Patricksr1972 earned 500 total points
ID: 39813062
Exactly. This is why i gave you the long version before, right?

Did you give both comments and the save statement?   Iptables save
0
 

Author Comment

by:Victor Kimura
ID: 39813083
Opps. forgot to save it.

service iptables save
Saving firewall rules to /etc/sysconfig/iptables:          [  OK  ]
root@ip-184-168-116-73 [/lib/modules]#


But when I telnet from my Windows 7 machine, my machine still states it cannot connect. Is there some other issue at hand?
0
 
LVL 19

Assisted Solution

by:Patricksr1972
Patricksr1972 earned 500 total points
ID: 39813089
Is there a service active on port 9000?
0
 

Author Comment

by:Victor Kimura
ID: 39813101
How do I find out? iptables are still new to me. :)
0
Complete Microsoft Windows PC® & Mac Backup

Backup and recovery solutions to protect all your PCs & Mac– on-premises or in remote locations. Acronis backs up entire PC or Mac with patented reliable disk imaging technology and you will be able to restore workstations to a new, dissimilar hardware in minutes.

 
LVL 19

Assisted Solution

by:Patricksr1972
Patricksr1972 earned 500 total points
ID: 39813108
Nono iptables is for the firewall, is there a service active and running on the server listening for port 9000?
0
 

Author Comment

by:Victor Kimura
ID: 39813120
Oh, I see. How can I get the xdebug to be active?

I've been trying to set up my IDE (use PHPStorm from jetbrains) and it was failing. But is there a manual way to have the xdebug or some other service to test for the listening port?
0
 
LVL 19

Assisted Solution

by:Patricksr1972
Patricksr1972 earned 500 total points
ID: 39813128
Before we go there, it looks you need to restart iptables on centos before rules become active, did you run the restart command?
0
 

Author Comment

by:Victor Kimura
ID: 39813135
service iptables restart
Flushing firewall rules:                                   [  OK  ]
Setting chains to policy ACCEPT: mangle filter             [  OK  ]
Unloading iptables modules:                                [  OK  ]
Applying iptables firewall rules:                          [  OK  ]
0
 

Author Comment

by:Victor Kimura
ID: 39813140
I tested telnet from my windows and still failing. Do I need to start a service for listening on that port?
0
 
LVL 19

Assisted Solution

by:Patricksr1972
Patricksr1972 earned 500 total points
ID: 39813189
From what i read you need Some work done in phpstorm.
If you are going to run and debug an application directly on a remote host, the only thing you need is register access to this host in PhpStorm to enable synchronization.

Please read about it Here
0
 

Author Comment

by:Victor Kimura
ID: 39813225
Ok, am reading it now. Thanks for that link. I just wanted to narrow down the problem to see if it was the port that wasn't open before. I don't think it was because I was receiving an error  in the PHPstorm IDE that it couldn't connect to port 9000 but I don't see that error now.

So I believe it's fixed. Just wanted to be sure. Thanks for that link. I didn't see that link for some reason. I read the text docs but I never saw the video that they have available. Will watch them and see how I can set up my remote debugger to work.

http://www.jetbrains.com/phpstorm/documentation/index.html

This has been a weekend project trying to get the port opened and the debugger to work.

thanks, Patrick.

BTW, the simpler iptables command works but this one doesn't:
iptables -A INPUT -p tcp --dport 9000 -j ACCEPT -m comment --comment "XDebug port dport INPUT"

I get that same error. So I guess it's on their part then.

But I'm curious on how I would be able to ensure that those ports are opened on the server for output and input.

Tried this command:

netstat -ant
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State
tcp        0      0 0.0.0.0:21                  0.0.0.0:*                   LISTEN
tcp        0      0 184.168.116.73:53           0.0.0.0:*                   LISTEN
tcp        0      0 173.201.47.54:53            0.0.0.0:*                   LISTEN
tcp        0      0 184.168.28.15:53            0.0.0.0:*                   LISTEN
tcp        0      0 173.201.24.210:53           0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:53                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:25                  0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:953               0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:443                 0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:7869              0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:2077                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:2078                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:993                 0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:2082                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:995                 0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:2083                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:2086                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:2087                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:3306                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:587                 0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:110                 0.0.0.0:*                   LISTEN
tcp        0      0 127.0.0.1:783               0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:143                 0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:2095                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:80                  0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:2096                0.0.0.0:*                   LISTEN
tcp        0      0 0.0.0.0:465                 0.0.0.0:*                   LISTEN
tcp        0      0 184.168.116.73:22           96.49.234.192:22206         ESTABLISHED
tcp        0      0 173.201.47.54:443           217.96.60.4:61850           TIME_WAIT
tcp        0      0 173.201.47.54:443           217.96.60.4:61864           TIME_WAIT
tcp        0      0 173.201.47.54:22            96.49.234.192:22037         ESTABLISHED
tcp        0   2584 184.168.116.73:22           96.49.234.192:17991         ESTABLISHED
tcp        0      0 173.201.47.54:443           83.24.120.66:62408          TIME_WAIT
tcp        0      0 173.201.47.54:443           178.36.124.161:49365        ESTABLISHED
tcp        0      0 127.0.0.1:34975             127.0.0.1:953               TIME_WAIT
tcp        0      0 127.0.0.1:2086              127.0.0.1:60534             TIME_WAIT
tcp        0      0 :::21                       :::*                        LISTEN
tcp        0      0 :::22                       :::*                        LISTEN
tcp        0      0 :::25                       :::*                        LISTEN
tcp        0      0 :::443                      :::*                        LISTEN
tcp        0      0 ::1:7869                    :::*                        LISTEN
tcp        0      0 :::5001                     :::*                        LISTEN
tcp        0      0 :::8009                     :::*                        LISTEN
tcp        0      0 :::587                      :::*                        LISTEN
tcp        0      0 :::8080                     :::*                        LISTEN
tcp        0      0 :::80                       :::*                        LISTEN
tcp        0      0 :::465                      :::*                        LISTEN

Open in new window

0
 
LVL 19

Assisted Solution

by:Patricksr1972
Patricksr1972 earned 500 total points
ID: 39813239
Hi,

The only way to tell now is to cat iptables and look if your exceptions are there.
Reason netstat is not showing 9000 as listening is because you have not yet configured a service to listen to it.
Once configured phpstorm it Will show 9000 as listening.
0
 

Author Comment

by:Victor Kimura
ID: 39813411
Ok, will thanks. Will post here shortly once I get it configured. Thanks, Patrick!
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

rdate is a Linux command and the network time protocol for immediate date and time setup from another machine. The clocks are synchronized by entering rdate with the -s switch (command without switch just checks the time but does not set anything). …
Setting up Secure Ubuntu server on VMware 1.      Insert the Ubuntu Server distribution CD or attach the ISO of the CD which is in the “Datastore”. Note that it is important to install the x64 edition on servers, not the X86 editions. 2.      Power on th…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now