How to open a port on CentOS 7 when firewallD is not running?
If you don't have a running firewall (firewalld or iptables), you don't need to open any ports on the firewall. All your ports are open by default. But be careful: if you run your system on the Internet, it's a big security breach, so better install iptables or firewalld and open only the required ports.
Author: Jesse_Pinkman
Updated on September 18, 2022
Comments
-
Jesse_Pinkman over 1 year
I am trying to set up PacketFence, but the switch is communicating on ports 1812 and 1813. I had made a fresh install of CentOS 7 and now I need to open the ports - I did some research but everyone said to open it via firewallD, which is not currently running on my system.
Should I start and configure it or is there any other way?
Thank you very much
-
Michael Hampton about 7 years
If you aren't using firewalld, then what did you use for a firewall?
-
Jesse_Pinkman about 7 years
Well that is the problem - I didn't have any firewall and after I installed PacketFence only specific ports are opened. But I have no idea how to configure which are open, since iptables configuration in PacketFence folder does have 1812 and 1813 open - but nmap doesn't see them opened.
-
Alexander Tolkachev about 7 years
You could check listening ports with the command
ss -ln
-
Jesse_Pinkman about 7 years
I did, still - only UDP 1812 and 1813 are open and I need to have TCP 1812 and 1813 open - still no idea how to though
-
Alexander Tolkachev about 7 years
@Jesse_Pinkman, maybe you have iptables installed? Could you check
systemctl status iptables
If it is installed and running, you could open the ports with the commands
iptables -t filter -A INPUT -p tcp -m state --state NEW -m tcp --dport 1812 -j ACCEPT
and
iptables -t filter -A INPUT -p tcp -m state --state NEW -m tcp --dport 1813 -j ACCEPT
-
Jesse_Pinkman about 7 years
I did have them installed, despite the version of CentOS being 7, but they did not have any current rules applied
-
Alexander Tolkachev about 7 years
Execute 'iptables-save' and you can see the rules that work now.
-
Jesse_Pinkman about 7 years
I did that. What is interesting though - right after I restart the system, iptables -L shows the full set of the rules (with TCP 1812 and 1813 enabled) however, nmap says they are closed. And also when I check service iptables status command, it says it is loaded, but inactive. When I start it, all the rules disappear. It is a mystery to me how the PacketFence firewall works.
-
Alexander Tolkachev about 7 years
@Jesse_Pinkman, I checked the PacketFence documentation and found that it uses its own iptables instance. It is located in /usr/local/pf/conf/iptables.conf.
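
Added example (not part of the original thread and not PacketFence's own code): the symptom discussed above, an iptables ACCEPT rule for TCP 1812/1813 while nmap still reports the ports closed, comes down to two separate checks: is a socket listening on the port, and does the filter allow it. The sketch runs both checks over constructed `ss -lntu` and `iptables-save` samples; the function names are hypothetical, and the rule check only looks for an explicit INPUT ACCEPT rule, ignoring rule order and default policy.

```shell
#!/bin/sh
# Added example: function names are hypothetical, sample data is constructed.

# Constructed `ss -lntu` output: listeners on UDP 1812/1813 only, sshd on TCP 22.
SS_SAMPLE='Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
udp   UNCONN 0      0      0.0.0.0:1812       0.0.0.0:*
udp   UNCONN 0      0      0.0.0.0:1813       0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*'

# Constructed `iptables-save` output: TCP 1812/1813 and UDP 1812 are accepted.
RULES_SAMPLE='*filter
:INPUT DROP [0:0]
-A INPUT -p tcp -m state --state NEW -m tcp --dport 1812 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 1813 -j ACCEPT
-A INPUT -p udp -m udp --dport 1812 -j ACCEPT
COMMIT'

# is_listening PROTO PORT SS_TEXT: succeeds if a socket is bound to PROTO/PORT.
is_listening() {
    printf '%s\n' "$3" | awk -v p="$1" -v port="$2" '
        $1 == p { n = split($5, a, ":"); if (a[n] == port) found = 1 }
        END { exit !found }'
}

# rule_accepts PROTO PORT RULES_TEXT: succeeds if an explicit INPUT ACCEPT
# rule for PROTO/PORT exists (assumption: rule order and policy are ignored).
rule_accepts() {
    printf '%s\n' "$3" | grep -Eq -- "^-A INPUT .*-p $1 .*--dport $2 .*-j ACCEPT"
}

# diagnose PROTO PORT SS_TEXT RULES_TEXT: prints closed, filtered or open.
# Empty RULES_TEXT means no firewall rules are loaded, so nothing is filtered.
diagnose() {
    if ! is_listening "$1" "$2" "$3"; then
        echo "closed: nothing listens on $1/$2"
    elif [ -n "$4" ] && ! rule_accepts "$1" "$2" "$4"; then
        echo "filtered: listener present, no ACCEPT rule for $1/$2"
    else
        echo "open: listener present and allowed for $1/$2"
    fi
}

# Live use (as root): diagnose tcp 1812 "$(ss -lntu)" "$(iptables-save)"
```

With the samples, `diagnose tcp 1812 "$SS_SAMPLE" "$RULES_SAMPLE"` reports the port as closed even though the ACCEPT rule is present, because no TCP listener exists.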