iptables advice needed: Open port 10050
Posted: 2012/10/25 12:22:20
Hi,
I've installed zabbix agent on a CentOS server, and I need to open port 10050.
I've run the following command:
[code]
sudo iptables -A INPUT -p tcp -m tcp --dport 10050 -j ACCEPT
[/code]
But I can't even access port 10050 from a remote server with telnet. However telneting port 22 works.
iptables -L gives
[code]
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
1002 82233 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
8 480 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
3 160 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
5 292 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:10050
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT 153 packets, 20168 bytes)
pkts bytes target prot opt in out source destination
[/code]
zabbix-agentd is running and is listening on port 10050:
[code]
# netstat -apnt | grep 10050
tcp 0 0 0.0.0.0:10050 0.0.0.0:* LISTEN 12617/zabbix_agentd
[/code]
Is there any rule that cancel my added rule for port 10050 ? do I have to reorder the rules ? if yes, how do I proceed ?
Is there any other reason why it shouldn't work ?
Note that I have other Debian servers currently monitored, and it works.
I've installed zabbix agent on a CentOS server, and I need to open port 10050.
I've run the following command:
[code]
sudo iptables -A INPUT -p tcp -m tcp --dport 10050 -j ACCEPT
[/code]
But I can't even access port 10050 from a remote server with telnet. However telneting port 22 works.
iptables -L gives
[code]
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
1002 82233 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
8 480 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
3 160 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
5 292 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:10050
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT 153 packets, 20168 bytes)
pkts bytes target prot opt in out source destination
[/code]
zabbix-agentd is running and is listening on port 10050:
[code]
# netstat -apnt | grep 10050
tcp 0 0 0.0.0.0:10050 0.0.0.0:* LISTEN 12617/zabbix_agentd
[/code]
Is there any rule that cancel my added rule for port 10050 ? do I have to reorder the rules ? if yes, how do I proceed ?
Is there any other reason why it shouldn't work ?
Note that I have other Debian servers currently monitored, and it works.