Re: Linux Firewall

Hi, it was a while ago, but now I have encountered a problem that I have not managed to resolve. The fact is that a chat script needs to use port 1935, but Linux Firewall blocks this port and I have not been able to open it despite lots of different experiments. Can you possibly help me with how I should proceed to make port 1935 available? I have searched the forum for a solution but have not found anything that helped me. Thank you in advance and have a good day.

Best regards, Lars Reimers

Status: 
Active

Comments

I don't have the standard Linux firewalling enabled (I'm using Shorewall), so I can't walk you through the specifics... however, you can edit your firewall settings in Virtualmin by going into Webmin -> Networking -> Linux Firewall.

If it's unclear what you should do from there, let us know and Jamie can help with the details :-)

To open a port using the Linux Firewall module, do the following:

  • Go to Webmin -> Networking -> Linux Firewall.

  • Under "Incoming packets (INPUT)", click the "Add Rule" button.

  • Set the "Action to take" to "Accept"

  • Set "Network protocol" to "Equals" and "TCP"

  • Set the "Destination TCP or UDP port" to "Equals" and enter port 1935

  • Click "Create", then click the "Apply Configuration" button at the bottom of the page.

Let us know if that helps..

Submitted by tpnsolutions on Wed, 10/21/2009 - 12:20

*** Please read the above post, as I accidentally missed a few steps which are covered there ***

Lars,

Adding a simple firewall rule to open specific ports on your server is pretty simple using the built-in Firewall module at: "Webmin > Networking > Linux Firewall"

  1. Click on "Add Rule".

  2. If you need to allow traffic on both TCP and UDP protocols SKIP step 3.

  3. Change "Network protocol" to "Equals" and "TCP" OR "UDP".

  4. Under "Condition Details" find "Destination TCP or UDP Port(s)".

  5. Change the first field to "Equals".

  6. Choose either "Port(s)" then fill in the specific port(s) in the field beside it, OR "Port range" then fill in the starting and ending port in the fields that follow.

  7. Make sure "Connection states" is set to "Equals" and "New connection (NEW)".

  8. Click "Save"

  9. On the main firewall screen, make sure to move the rule up before "Reject Always" rule by clicking the black up arrow in the second last column. (which moves the rule up)

  10. Once the rule is in the most appropriate position in the rules table, click "Apply Configuration".

Now your new rule should take effect!

--
Peter

Submitted by LarsReimers on Wed, 10/21/2009 - 13:58

Thank you for all the nice answers!

Now it looks like below, is that correct?

[root@bill ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:1935 state NEW

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@bill ~]#

Lars - it looks like you don't have any firewall active at all, so port 1935 shouldn't be blocked in the first place.
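
Two points from the replies above can be checked mechanically: an ACCEPT rule only helps if it sits above the catch-all reject rule, and a chain with policy ACCEPT and no reject rule blocks nothing. The shell function below is an added example, not part of the original thread; `port_verdict` and the two listing variables are hypothetical names, and the second listing is constructed.

```shell
#!/usr/bin/env bash
# Added example: first-match verdict for one chain of plain `iptables -L` text.
# Assumptions: only ACCEPT/DROP/REJECT are terminal, jumps to other chains are
# not followed, state matches are ignored, and rules with a specific source or
# destination are skipped. List with -n so ports are numeric.

# Usage: port_verdict CHAIN PROTO PORT < listing   (hypothetical helper name)
port_verdict() {
  awk -v chain="$1" -v proto="$2" -v port="$3" '
    function any(a) { return a == "anywhere" || a == "0.0.0.0/0" }
    /^Chain / {
      cur = $2
      if (cur == chain) { policy = $4; sub(/\)$/, "", policy) }
      next
    }
    cur != chain || $1 == "target" || NF < 5 || verdict != "" { next }
    {
      n++                                   # rule position within the chain
      if (($2 != proto && $2 != "all") || !any($4) || !any($5)) next
      hit = 1                               # no port condition: every port
      for (i = 6; i <= NF; i++) {
        if ($i ~ /^dpt:/) hit = (substr($i, 5) == port)
        if ($i ~ /^dpts:/) {
          split(substr($i, 6), r, ":")
          hit = (port + 0 >= r[1] + 0 && port + 0 <= r[2] + 0)
        }
      }
      if (hit && $1 ~ /^(ACCEPT|DROP|REJECT)$/) verdict = $1 " by rule " n
    }
    END { print (verdict != "" ? verdict : policy " by chain policy") }
  '
}

# INPUT chain as posted in the thread.
thread_listing='Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:1935 state NEW'

# Constructed listing: the same rule left below a catch-all REJECT.
misordered_listing='Chain INPUT (policy ACCEPT)
target prot opt source destination
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
ACCEPT tcp -- anywhere anywhere tcp dpt:1935 state NEW'

printf '%s\n' "$thread_listing"     | port_verdict INPUT tcp 1935
printf '%s\n' "$thread_listing"     | port_verdict INPUT tcp 8080
printf '%s\n' "$misordered_listing" | port_verdict INPUT tcp 1935
```

Plain `iptables -L` output does not show interface matches, so a rule bound to a single interface looks as if it applies to all traffic; the verdict is only as complete as the listing fed to it.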

Submitted by LarsReimers on Wed, 10/21/2009 - 15:10

Thank you!

I understand, but despite this I get from AVChat script that this particular port is blocked, strange. I may investigate further to get a solution to my problem.