Allowing Uncommon Ports on SELinux

Support for security such as Firewalls and securing linux
Post Reply
amithad
Posts: 4
Joined: 2017/11/08 08:19:18

Allowing Uncommon Ports on SELinux

Post by amithad » 2017/11/08 08:23:06

Hi,

I'm using CentOS 7. I need to allow some uncommon ports like 3000 etc. I know how to enable those n firewall using firewall-cmd command , but for SELinux it's bit confusing.

To allow http service to run on port 8001 I can use "semanage port -a -t http_port_t -p tcp 8001" command

But for a particular port how can I do that?

Thanks

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Allowing Uncommon Ports on SELinux

Post by TrevorH » 2017/11/08 14:31:33

Exactly like that.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

amithad
Posts: 4
Joined: 2017/11/08 08:19:18

Re: Allowing Uncommon Ports on SELinux

Post by amithad » 2017/11/08 15:53:27

Hi TrevorH,

Thanks for the information. That means the tag "-a -t http_port_t" can be used to open any other uncommon service port including the http service. Is it?

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Allowing Uncommon Ports on SELinux

Post by TrevorH » 2017/11/08 15:59:46

Each service will have its own context but the principle is the same.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

CarlRestor
Posts: 19
Joined: 2017/10/31 16:48:13

Re: Allowing Uncommon Ports on SELinux

Post by CarlRestor » 2017/11/08 20:40:41

by using the same principle but a different context. :)
"Username" T. - Always Preferred

amithad
Posts: 4
Joined: 2017/11/08 08:19:18

Re: Allowing Uncommon Ports on SELinux

Post by amithad » 2017/11/09 10:02:07

Hi TrevorH, CarlRestor

Thanks for the information. If you can provide a link to get further details pertain to this it is much appreciated.

Thanks :)

scottro
Forum Moderator
Posts: 2556
Joined: 2007/09/03 21:18:09
Location: NYC
Contact:

Re: Allowing Uncommon Ports on SELinux

Post by scottro » 2017/11/09 11:16:02

https://www.rootusers.com/use-selinux-p ... ard-ports/

The first result of typing selinux allow unusual port into google.

This happens, sometimes one is unsure of good search terms, and when first learning, we don't always realize how easy it can be to find things, but it's always a good idea to try to find the answer yourself. (Then post it in the thread to help the next person searching.) :)
New users should check the FAQ and Read Me First pages

amithad
Posts: 4
Joined: 2017/11/08 08:19:18

Re: Allowing Uncommon Ports on SELinux

Post by amithad » 2017/11/16 13:06:36

Hi Scottro,

Thanks a lot for the information. I'll go through this link to check whether I get the exact information I need. At a glance I got the feeling ,this article is for changing common ports like 22 (ssh) to an uncommon port like 2222.

My requirement is to open a port like 4000 etc. which does not belong to any common service.

:)

Post Reply