Opening port in firewall

**duckxtales** · 01-06-2007 04:32 PM

Hi, I'm trying to set up svn on a system with apache1, so I'll be running apache1 and apache2 side by side.

I'm trying to set up apache2 to listen on a different port, but I'm not sure how to open the port in my firewall, or even the process to set up a new port for the apache2 http connection.

What I've done so far is to edit my apache2 httpd.conf to listen on my new port number, and set up my virtual hosts there to match. However, I still couldn't access the site via the new port, so I was told I needed to open the port first in my firewall.

For this, I've edited the iptables for a the new port on utp and tcp protocols:
iptables -A INPUT -d [my.ip] -p tcp --dport [my.port] -j ACCEPT
iptables -A INPUT -d [my.ip]-p utp --dport [my.port] -j ACCEPT

Then I did a save and restart.

Still unable to access on the new port.

Can someone give me a clue on what I'm missing or how to open the port and set up apache conf to the new port properly?

Your help is much appreciated, thanks in advance.

**dafut** · 01-06-2007 09:26 PM

I'd suggest CSF by ConfigServer. ConfigServer Firewall integrates well with WHM, provides awesome flexibility, has a feature set that continues to grow and is well supported. It's also very well priced!

You can then open the proper inbound/outbound ports with much less concern about syntax.

Then again, if you really like configuring IPTABLES...

**duckxtales** · 01-07-2007 12:34 PM

Thanks for your help, Dafut. I'd really like to learn how to configure all of this via the shell, though.

I'm trying to learn my way around the shell better.

Any help with this is much appreciated.

**jpetersen** · 01-07-2007 01:32 PM

Try using -I instead of -A. -I will insert the rule into the top of the chain, whereas -A will simply append it to the end of the chain. As such, if there is a rule to block the traffic to the new port somewhere in the chain, -I will make sure your new rule is acted upon first.

This is how I would approach the situation:

1. Remove the old rules (use -D instead of -A)

2. Add a new rule via the following syntax:

/sbin/iptables -I INPUT -p tcp --dport 8080 -j ACCEPT

8080 should be replaced with the port apache2 is listening on.

If that doesn't work, then the issue could either be with a local firewall policy on your end, or that of your ISP, or with the firewall on the server. I'd run tcptraceroute locally to determine if the port were being blocked outbound locally (there's a win32 port which can be found via Google), and if you see the traffic being blocked at your server, then I'd double check your server's firewall.

**duckxtales** · 01-07-2007 08:12 PM

Thanks jpeterson! That worked, I really appreciate your help.

LinkBack

Thread Tools

Opening port in firewall

Port Opening

Opening a port / iptables

Need help for Opening Port

Firewall and Port #'s

Re: Port #'s for Firewall