How to allow port 8443 in iptables?
iptables will only allow the port to get in, it will not "open" the port!
If you want to check what ports are allowed by iptables, you should use iptables -L -nv
Author: João Daniel
Updated on September 18, 2022
Comments
-
João Daniel over 1 year
In order to allow input from port 8443, I have inputted the iptables rule:
-A INPUT -i eth0 -p tcp --dport 8443 -j ACCEPT
However, when I type:
$ netstat -a
There is no reference to https or 8443. The result is:
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 *:6311                  *:*                     LISTEN
tcp        0      0 *:ssh                   *:*                     LISTEN
tcp        0      0 gauss:ssh               ommited                 ESTABLISHED
tcp        0      0 gauss:ssh               omitted                 ESTABLISHED
tcp        0      0 localhost:6311          localhost:48872         ESTABLISHED
tcp6       0      0 localhost:8005          [::]:*                  LISTEN
tcp6       0      0 [::]:8009               [::]:*                  LISTEN
tcp6       0      0 [::]:www                [::]:*                  LISTEN
tcp6       0      0 [::]:ssh                [::]:*                  LISTEN
tcp6       0      0 localhost:48872         localhost:6311          ESTABLISHED
udp        0      0 *:mdns                  *:*
udp        0      0 *:52703                 *:*
udp6       0      0 [::]:42168              [::]:*
udp6       0      0 [::]:mdns               [::]:*
How can I successfully open port 8443?
Thanks
-
Admin over 12 years
Ah, so if 8443 isn't appearing on netstat -a it means that Tomcat is not working with it? I mean, can I conclude that the problem is with Tomcat and not with firewall?
-
Rob over 12 years
That is the conclusion that I would draw.
-
João Daniel over 12 years
I have changed some Tomcat configurations and now it appears on netstat -a. However I still can't ping or access 443. What else could be blocking it?
-
Ben Voigt over 12 years
ping is not the right tool for testing a TCP port, because ping uses ICMP.
-
Aaron Copley over 12 years
Also, since the rule is appended above, you will want to make sure that there isn't a rule with higher precedence to reject or drop it before the rule to accept is processed.
-
João Daniel over 12 years
There was a "drop all" rule before it. However, even if I change the order and let the DROP rule as the last, I can't access or ping localhost 443.
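
Added example (not part of the original question, answer or comments): a shell sketch of the two checks discussed above, namely whether any process is listening on the port and which INPUT rule matches first. It runs on constructed samples of `iptables -S INPUT` and `netstat -ltn` output; the function names are hypothetical, and the matcher is a simplification that only interprets -i, -p, --dport and -j.

```shell
#!/bin/sh
# Constructed `iptables -S INPUT` sample: the 8443 ACCEPT was appended (-A),
# so it sits below a catch-all DROP.
RULES_APPENDED='-P INPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j DROP
-A INPUT -i eth0 -p tcp -m tcp --dport 8443 -j ACCEPT'

# Constructed `netstat -ltn` sample: no process is bound to 8443.
SOCKETS='Proto Recv-Q Send-Q Local Address Foreign Address State
tcp   0  0  0.0.0.0:22  0.0.0.0:*  LISTEN
tcp6  0  0  :::8009     :::*       LISTEN'

# Print the verdict of the first rule that matches TCP to PORT arriving on IFACE.
# Simplification: only -i, -p, --dport (single port) and -j are interpreted.
first_verdict() {   # usage: iptables -S INPUT | first_verdict PORT IFACE
    awk -v port="$1" -v ifc="$2" '
        $1 == "-P" { policy = $3; next }    # chain default policy
        $1 != "-A" { next }
        {
            n++; ok = 1; target = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-i" && $(i+1) != ifc) ok = 0
                if ($i == "-p" && $(i+1) != "tcp" && $(i+1) != "all") ok = 0
                if ($i == "--dport" && $(i+1) != port) ok = 0
                if ($i == "-j") target = $(i+1)
            }
            if (ok && target ~ /^(ACCEPT|DROP|REJECT)$/) {
                print target, "rule", n; found = 1; exit
            }
        }
        END { if (!found) print policy, "policy" }'
}

# Succeed if a TCP socket is in LISTEN state on PORT.
is_listening() {    # usage: netstat -ltn | is_listening PORT
    awk -v port="$1" '$NF == "LISTEN" && $4 ~ (":" port "$") { hit = 1 }
                      END { exit !hit }'
}

diagnose() {        # usage: diagnose PORT IFACE RULES SOCKETS
    verdict=$(printf '%s\n' "$3" | first_verdict "$1" "$2")
    if printf '%s\n' "$4" | is_listening "$1"; then sock=listening
    else sock=not-listening; fi
    echo "firewall: $verdict; socket: $sock"
}

diagnose 8443 eth0 "$RULES_APPENDED" "$SOCKETS"
```

On the constructed input the ACCEPT for 8443 is never reached because the catch-all DROP is rule 3, and the socket check fails independently of the firewall, so both conditions have to be fixed before the port answers.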