Allowing all connections on a port in CSF

[Jinovich]

Let me set the scenario, running shoutcast, opened a TCP port on the shoutcast port which now enables me to see the default shoutcast status page.

Tried to connect and connection failed, looked at the csf report to see activity on port 8002 (my scast port) see my inbound TCP connection was blocked.

Disabled csf and managed to connect fine.

How would I enable the firewall to allow any connection on port 8002 from any IP?

Regards,

Jin

Note: I realise that this forum is not a support forum but I prefer asking here as there are always people willing to help. Appreciate all constructive comments

 

[chirpy]

Add port 8002 to TCP_IN in csf.conf and then restart csf:

csf -r

That should be all you need.

 

[Jinovich]

Nope, it seems to be blocking IP address's connecting to that port.

 

[chirpy]

What's the full iptables (kernel) block line from /var/log/messages?

 

[Jinovich]

this is the IP allow rule

50 0 0 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:8002


and this is the report,

1 Mar 28 10:41:00 - - Firewall: *TCP_IN Blocked* tcp 86.120.72.89 50559 208.53.138.141 8002 SYN
3 Mar 28 10:40:39 Mar 28 10:40:48 00:00:00:09 Firewall: *TCP_IN Blocked* tcp 86.120.72.89 50557 208.53.138.141 8002 SYN


Edit: Got it working ran, netstat -tulnap and it showed sc_trans on 8002 and 8003, added 8002 and 8003 to tcp ports and bingo.

 

[Anora]

I'm habing a simelor problem we are using port 8000 and 8001 and we got the ports listed into csf and its still bloking we have tride several things and we can get to unblock so we turned csf off.

 

[cPanelTristan]

Did you list the ports in both TCP and UDP for incoming and outgoing connections in CSF? There are 4 different sections in CSF (TCP IN, TCP OUT, UDP IN and UDP OUT) where you can list the port.