The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Allowing all connections on a port in CSF

Discussion in 'cPanel Developers' started by Jinovich, Mar 28, 2008.

  1. Jinovich

    Jinovich Member

    Joined:
    Mar 16, 2008
    Messages:
    16
    Likes Received:
    0
    Trophy Points:
    1
    Let me set the scenario, running shoutcast, opened a TCP port on the shoutcast port which now enables me to see the default shoutcast status page.

    Tried to connect and connection failed, looked at the csf report to see activity on port 8002 (my scast port) see my inbound TCP connection was blocked.

    Disabled csf and managed to connect fine.

    How would I enable the firewall to allow any connection on port 8002 from any IP?

    Regards,

    Jin

    Note: I realise that this forum is not a support forum but I prefer asking here as there are always people willing to help. Appreciate all constructive comments
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Add port 8002 to TCP_IN in csf.conf and then restart csf:

    csf -r

    That should be all you need.
     
  3. Jinovich

    Jinovich Member

    Joined:
    Mar 16, 2008
    Messages:
    16
    Likes Received:
    0
    Trophy Points:
    1
    Nope, it seems to be blocking IP address's connecting to that port.
     
  4. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    What's the full iptables (kernel) block line from /var/log/messages?
     
  5. Jinovich

    Jinovich Member

    Joined:
    Mar 16, 2008
    Messages:
    16
    Likes Received:
    0
    Trophy Points:
    1
    this is the IP allow rule

    50 0 0 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:8002


    and this is the report,

    1 Mar 28 10:41:00 - - Firewall: *TCP_IN Blocked* tcp 86.120.72.89 50559 208.53.138.141 8002 SYN
    3 Mar 28 10:40:39 Mar 28 10:40:48 00:00:00:09 Firewall: *TCP_IN Blocked* tcp 86.120.72.89 50557 208.53.138.141 8002 SYN


    Edit: Got it working ran, netstat -tulnap and it showed sc_trans on 8002 and 8003, added 8002 and 8003 to tcp ports and bingo.
     
    #5 Jinovich, Mar 28, 2008
    Last edited: Mar 28, 2008
  6. Anora

    Anora Registered

    Joined:
    Feb 15, 2011
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    I'm habing a simelor problem we are using port 8000 and 8001 and we got the ports listed into csf and its still bloking we have tride several things and we can get to unblock so we turned csf off.
     
  7. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Did you list the ports in both TCP and UDP for incoming and outgoing connections in CSF? There are 4 different sections in CSF (TCP IN, TCP OUT, UDP IN and UDP OUT) where you can list the port.
     

Share This Page