Opening and Closing ports iptables, I am newbie


Post by zero477 » 2011/12/08 23:15:13

Hello Everyone,

I am new to Linux and to this Forum. So sorry if my question is too dumb. I read the asking section part, I hope I make my question correctly.

I had just bought a Virtual Private Server, which runs with CentOS 5. I connect to the VPS using Putty from my house.

I am trying to open Ports 8080 and 8888 to establish communication with one of our providers on the server.

This is what I am doing (I followed one of the help articles: http://wiki.centos.org/HowTos/Network/IPTables):

1. I log in and get root access
2. I type the following lines of code:

# /sbin/iptables -P INPUT ACCEPT
# /sbin/iptables -F
# /sbin/iptables -A INPUT -i lo -j ACCEPT
# /sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# /sbin/iptables -A INPUT -p tcp --dport 8888 -j ACCEPT
# /sbin/iptables -P INPUT ACCEPT
# /sbin/iptables -P FORWARD DROP
# /sbin/iptables -P OUTPUT ACCEPT
# /sbin/iptables -L -v
# /sbin/service iptables save

After that, I am trying to see if the port is open in: http://www.yougetsignal.com/tools/open-ports/

I type in my log in and the port number but it doesn't work. How can I know if the port is really opened?

Furthermore, I do not understand the differences between INPUT, FORWARD and OUTPUT.


Post by TrevorH » 2011/12/08 23:33:38

[quote]
# /sbin/iptables -P INPUT ACCEPT
[/quote]

This sets the input policy default to accept all packets. Unless the last rule in the INPUT chain rejects or drops all packets that haven't already been accepted then [u]all your ports are open[/u]. Your current rules do not do this!

[quote]
Furthermore, I do not understand the differences between INPUT, FORWARD and OUTPUT.
[/quote]

Three separate chains of rules controlling 1) packets from outside your machine destined for it 2) packets being forwarded by your machine to other places and 3) packets originating on your machine destined for other places. Each chain has its own ruleset and policy. The policy for the chain controls what happens to packets that do not match any rule in that chain - so -P INPUT ACCEPT tells it that any packets input to your machine that haven't been handled by the rules by the time it reaches the end of the chain should be accepted.
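
Added example, not part of either post: a shell function that reads iptables-save text and reports what happens to an inbound packet that matches none of the specific INPUT rules, which is the point made in the reply above. The function name and both sample rulesets are constructed for illustration; the check assumes the catch-all is written without match options and does not follow jumps into user-defined chains.

```shell
#!/bin/sh
# Report the fate of an inbound packet that matches no specific INPUT rule.
# Input: iptables-save text on stdin. Output: ACCEPT, DROP, REJECT or UNKNOWN.
unmatched_input_fate() {
    awk '
        /^\*/ { table = substr($1, 2); next }     # "*filter", "*nat", ...
        table != "filter" { next }                # only the filter table matters here
        $1 == ":INPUT" { policy = $2; next }      # ":INPUT ACCEPT [0:0]" is the chain policy
        # A rule with no match options ("-A INPUT -j TARGET") catches every
        # packet that reaches it, so the first such rule decides, not the policy.
        $1 == "-A" && $2 == "INPUT" && $3 == "-j" && fate == "" &&
            ($4 == "ACCEPT" || $4 == "DROP" || $4 == "REJECT") { fate = $4 }
        END {
            if (fate == "") fate = policy         # nothing caught it: the policy applies
            print (fate == "" ? "UNKNOWN" : fate)
        }
    '
}

# Constructed sample: the rules from the question as iptables-save would list them.
question_rules='*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8888 -j ACCEPT
COMMIT'

# Constructed sample: the same rules with a final catch-all DROP before COMMIT.
closed_rules=$(printf '%s\n' "$question_rules" |
    awk '$0 == "COMMIT" { print "-A INPUT -j DROP" } { print }')

printf 'as posted:           %s\n' "$(printf '%s\n' "$question_rules" | unmatched_input_fate)"
printf 'with catch-all DROP: %s\n' "$(printf '%s\n' "$closed_rules" | unmatched_input_fate)"
```

On the server itself, run `iptables-save | unmatched_input_fate` as root, or feed it /etc/sysconfig/iptables, the file that `service iptables save` writes.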
