How to make ALL ports accessible on CentOS 5.6?

linux firewall port-forwarding linux-networking node.js

19,381

Solution 1

Your webserver is bound to localhost, only.

Make sure your webserver is listening on an IP address other than localhost (127.0.0.1) or link-local (169.254.*.*)

netstat -tl will help

Solution 2

The system-config-securitylevel-tui application provides VERY limited control over the host firewall. If you want to disable the firewall completely you should do:

chkconfig iptables off
service iptables stop

That will stop the firewall from starting at runlevel changes, and shut it down if it's currently running.

To allow access to your single port

iptables -A INPUT -p tcp  -m tcp --dport 8234 -j ACCEPT
service iptables save

Solution 3

You shouldn't need to customize the firewall if it's disabled. I believe you can also turn off the firewall once installation has completed; I don't have a CentOS system handy to look it up but the Internet seems to recommend

service iptables save
service iptables stop
chkconfig iptables off

This will save your rules, and disable the firewall on subsequent boot. There's probably also a graphical tool, this being Red Hat we're talking about. ;)

A firewall is a decent thing to have. You would add 8234:tcp to the other ports field (and/or udp if your service needs it).

Running the iptables command provided by @Lucas will work but doesn't disable the firewall, just allows all traffic. In which case, there's not too much point in leaving the firewall running.

19,381

Mark Bell

I'm a web developer based in Devon, UK.

Updated on September 18, 2022

Comments

Mark Bell over 1 year

I've set up a CentOS 5.6 development server running as a virtual machine under Virtual PC 2007, in order to have a play with Node.js. Everything is up and running, but I can't seem to access port 8234, which is the port the Node server is running on.

I know the server is running because I can wget localhost:8234 and retrieve an HTML file containing 'Hello World', which is correct.

If I use a port scanner, I can see that all the ports mentioned in the Allow Incoming section are open and responding to pings, but nothing else.

I've run setup and set things as follows:

To my mind, these settings should have turned off the firewall and be allowing anything that comes in on eth0 (the sole virtual network interface), but this doesn't seem to be the case.

How can I just disable the firewall completely, or failing that, make port 8234 accessible to the outside world?
Mark Bell almost 13 years

This doesn't seem to have made any difference. Do I need to restart the firewall service, or anything else?
Bryan Mills almost 13 years

@Mark IIRC restarting the firewall removes any custom settings, so no. But if this doesn't work, then the firewall isn't the issue here
Michael Lowman almost 13 years

@TheLQ it does unless you save them first, when they get stored in /etc/sysconfig/iptables or somewhere thereabouts. The distro-approved method is to use commands to modify the config then save the running config.
Rilindo almost 13 years

The guy could also have enter the actual port in the screen under "other ports" with: tcp:8234
Scott Pack almost 13 years

@Rilindo Fair point. TBH, since I haven't used the config tool in anything approaching recent memory I didn't actually think of it.