For the Linux boffins

The Cosmos

I'm still getting to know Linux, but I need to add a port, or make sure a certain port is open, on our Linux firewall (SUSE 9.2).

I'm using Webmin.
How do I go about doing that?

thanks
 
Okay why webmin???

But moving on, do you have Suse firewall running??

From command / Konsole as root:
rcSuSEfirewall2 status would be the command to verify...

Which port do you want opened?
The example from W1z4rd is a very quick option but you have to look at it globally.
 
Okay why webmin???

But moving on, do you have Suse firewall running??

From command / Konsole as root:
rcSuSEfirewall2 status would be the command to verify...

Which port do you want opened?
The example from W1z4rd is a very quick option but you have to look at it globally.

well, webmin is easier, isn't it ?
port 443.
 
well, webmin is easier, isn't it ?
port 443.

Webmin is not really easier for me, but that's me I use Yast :o

Do you have any sort of firewall config running via Webmin?

"iptables -L -vn" will output all rules configured.

In which direction do you want to open that?
Connection to the server (local app) from network to Internet?

This will dictate if it is an INPUT or FORWARD rule in IPTables.
 
yeah, just use YaST, much easier

running the above iptables commands won't save your changes
I don't remember the exact menu structure in 9.2, but if you start YaST in a console it should be something like
security->firewall
and then you can open ports for internal and external interfaces
https (port 443) should be on the menu of services to allow by default, so just add it if it's not there
 
Webmin is not really easier for me, but that's me I use Yast :o

Do you have any sort of firewall config running via Webmin?

Yes. There's all sorts of stuff configured, and if i change something, it might affect something else. That's basically the way it has been setup.

"iptables -L -vn" will output all rules configured.

In which direction do you want to open that?
Connection to the server (local app) from network to Internet?

Brightmail (anti-spam app) needs to use that port. So, direction might be both.
 
Port 443 is generally used for HTTPS.

could you post the output of the following command:
Or PM it to me if you have security concerns :D

iptables -L -vn

Then we will be able to see which ports are open and how the default filtering has been configured.

If brightmail needs to connect somewhere from the server it will be an OUTPUT rule.
 
how do I open it? because I get the following error on brightmail:

Network error occurred, Empty reply from server (52), check your network connection settings, check your proxy settings (if applicable), and check to ensure that port 443 (HTTPS) is open through any relevant firewalls.
 
Port 443 is generally used for HTTPS.

could you post the output of the following command:
Or PM it to me if you have security concerns :D

iptables -L -vn

Then we will be able to see which ports are open and how the default filtering has been configured.

If brightmail needs to connect somewhere from the server it will be an OUTPUT rule.


ok, I checked, no reference at all to 443.
 
What is the OUTPUT chain default ACCEPT or DROP ?

If it is drop you will have to add new entry to allow traffic out to port 443
 
What is the OUTPUT chain default ACCEPT or DROP ?

If it is drop you will have to add new entry to allow traffic out to port 443

Chain OUTPUT (Policy ACCEPT 121k packets 16m bytes)
 
Okay

With the default policy being ACCEPT no outgoing connections are blocked.

What gave you the indication that port 443 was being blocked?
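
Added example, not part of any post in this thread: a small parser for `iptables -L -vn` output that shows why a missing 443 entry does not mean the port is blocked when the chain policy is ACCEPT. The sample listing is constructed, and the function names are hypothetical.

```python
import re

# Constructed sample in the format printed by `iptables -L -vn`;
# it is not the poster's real rule set.
SAMPLE = """\
Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
  310 24800 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
   42  2520 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:22

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 121K packets, 16M bytes)
 pkts bytes target     prot opt in     out     source               destination
"""

CHAIN_RE = re.compile(r"^Chain (\S+) \(policy (\w+)", re.I)

def parse_chains(listing):
    """Return {chain: {"policy": str, "rules": [rule text, ...]}} for built-in chains."""
    chains, current = {}, None
    for line in listing.splitlines():
        m = CHAIN_RE.match(line)
        if m:
            current = chains.setdefault(m.group(1), {"policy": m.group(2), "rules": []})
        elif line.startswith("Chain "):
            current = None  # user-defined chain: has "(N references)", no policy
        elif current is not None and line.strip() and not line.lstrip().startswith("pkts"):
            current["rules"].append(line.split(None, 2)[2])  # drop pkts/bytes counters
    return chains

def port_status(chains, chain, port):
    """Summarise how `chain` treats TCP traffic to destination `port`."""
    info = chains[chain]
    explicit = [r for r in info["rules"] if re.search(rf"\bdpt:{port}\b", r)]
    if explicit:
        targets = "; ".join(r.split()[0] for r in explicit)
        return f"{chain}: explicit rule(s) for port {port}: {targets}"
    if not info["rules"]:
        return f"{chain}: no rules, policy {info['policy']} decides"
    return f"{chain}: no rule names port {port}; other rules, then policy {info['policy']}, decide"

if __name__ == "__main__":
    for name in ("INPUT", "OUTPUT"):
        print(port_status(parse_chains(SAMPLE), name, 443))
```
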
 
Okay

With the default policy being ACCEPT no outgoing connections are blocked.

What gave you the indication that port 443 was being blocked?

well, 2 things

firstly, there's no record of 443 in the tables "list"

and second

brightmail error message

Network error occurred, Empty reply from server (52), check your network connection settings, check your proxy settings (if applicable), and check to ensure that port 443 (HTTPS) is open through any relevant firewalls.
 
If you ssh into the mail machine are you able to ping out from it to make sure it has a connection to the net?
 
With iptables not blocking outgoing connections I would start looking at other possible issues. The capture you quoted shows that the server has passed more than 16M worth of traffic.

Is this server directly connected to the Internet (Public Ip on the server) ?
 
This is only a guess right now with the limited insight in to the setup and firewall rules but this seems to be a Brightmail issue and not firewall related.

Do you have any more information regarding the host to which brightmail is trying to connect ?
 
This is only a guess right now with the limited insight in to the setup and firewall rules but this seems to be a Brightmail issue and not firewall related.

Do you have any more information regarding the host to which brightmail is trying to connect ?

telkom :o
 
If you have the IP which brightmail is trying to connect to, you can telnet to the IP and see if the connection is accepted

telnet <remote_ip> 443

you should receive a response. If you receive a connection refused, the server you are trying to connect to is not accepting connections; if it times out, it is a possible firewall issue.
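
Added example, not part of the post above: the same telnet check as a script that classifies the outcome (connected, refused, timeout) so it can be repeated from the mail server without reading telnet's output. The function name and the default timeout are assumptions.

```python
import errno
import socket
import sys

def probe_tcp(host, port=443, timeout=5.0):
    """Try one TCP connection and classify the result the way the telnet test is read."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "connected"    # handshake completed: the path and the listener are fine
    except ConnectionRefusedError:
        return "refused"      # reset came back: host reachable, nothing accepting on the port
    except socket.timeout:
        return "timeout"      # no answer at all: packets are possibly dropped by a firewall
    except OSError as exc:
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "unreachable"  # no route, or a router answered with an ICMP unreachable
        raise
    finally:
        s.close()

if __name__ == "__main__":
    # Usage: python probe.py <remote_ip> [port]
    target = sys.argv[1]
    dport = int(sys.argv[2]) if len(sys.argv) > 2 else 443
    print(f"{target}:{dport} -> {probe_tcp(target, dport)}")
```
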
 