How do I enable a port in Linux?

linuxmelz

Registered
Dec 20, 2004
Moderation Note :) : Please see this post for the best answer.

Hi,

Dear friend..


Could you please advise me of a way to open a port in Linux? I do not have APF software or any such thing. Can we do it with any predefined tools that come with the Linux OS itself?

Any help would be greatly appreciated..

Thanking one and all in advance for all of your views and suggestions..

Yours friendly,
Linuxmelz ;)
 

linuxmelz

Registered
Dec 20, 2004
Hi

Thank you for writing in my friend..

A client wants to enable port 12375 for his chat software. How do I do it? Also, I think netstat -lpn doesn't show the port to be open.

Any help or views are warmly welcomed..

Regards,
Linuxmelz ;)
 

webignition

Well-Known Member
Jan 22, 2005
I believe that netstat -lpn will list only the currently active/open ports. Therefore if port 12375 is not being used by anything, it would not be listed.

As I said, if you don't have a firewall enabled, all ports should be open. It is not the case that ports are by default inaccessible and that you have to make them accessible in some way, but the exact opposite - unless you do something to prevent the use of a port it will be usable.

Assuming that there is a chat server you need to install, and that it is designed to listen on port 12375, once installed it should do, unless it is not working correctly.
 

linuxmelz

Registered
Dec 20, 2004
Hi

Dear friend,

It would be appreciated if you could please tell me how I can open a port using iptables. Everyone's views/suggestions are heartily welcomed.

Regards,
Linuxmelz ;)
 

JamesCTotalWeb

Well-Known Member
Mar 20, 2005
cPanel Access Level
Root Administrator
Well, assuming the protocol is TCP, you can just run these commands from the command line.

iptables -A INPUT -p tcp --dport 12375 -j ACCEPT

iptables -A OUTPUT -p tcp --dport 12375 -j ACCEPT

You can also add them to your iptables-config file, then restart iptables:

/etc/init.d/iptables restart

Here is a good place to learn about iptables

http://www.siliconvalleyccie.com/linux-hn/iptables-intro.htm

remember use this at your own risk if ya break it ya pay for it ........ lol
 

Kerstin

Well-Known Member
Apr 9, 2005
Berlin
Iptables -? should show the allocates ;) ports. [0 to 65535] :confused:

The commands

iptables -A INPUT -p tcp --dport 12375 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 12375 -j ACCEPT
/etc/init.d/iptables restart

allocate a port, but a port must be used by an accurate application and protocol.
You must know the correct TCP (UDP) port used by the protocol.
 

petedickson

Member
Jun 16, 2005
JamesCTotalWeb said:
Well, assuming the protocol is TCP, you can just run these commands from the command line.

iptables -A INPUT -p tcp --dport 12375 -j ACCEPT

iptables -A OUTPUT -p tcp --dport 12375 -j ACCEPT

You can also add them to your iptables-config file, then restart iptables:

/etc/init.d/iptables restart

Here is a good place to learn about iptables

http://www.siliconvalleyccie.com/linux-hn/iptables-intro.htm

remember use this at your own risk if ya break it ya pay for it ........ lol
The above post solved my problem of opening port 81 - thanks!

However, I've been unable to figure out how to keep the port open! I have to SSH into my box every day and run /etc/init.d/iptables restart (I don't need to enter the INPUT and OUTPUT commands again, though).

FYI, my /etc/sysconfig/iptables-config looks like:

# Additional iptables modules (nat helper)
# Default: -empty-
#IPTABLES_MODULES="ip_nat_ftp"

# Save current firewall rules on stop.
# Value: yes|no, default: no
#IPTABLES_SAVE_ON_STOP="no"

# Save current firewall rules on restart.
# Value: yes|no, default: no
#IPTABLES_SAVE_ON_RESTART="no"

# Save (and restore) rule counter.
# Value: yes|no, default: no
#IPTABLES_SAVE_COUNTER="no"

# Numeric status output
# Value: yes|no, default: no
#IPTABLES_STATUS_NUMERIC="no"


Any help, greatly appreciated.

cheers

Pete Dickson
Birmingham, UK
 

nickb

Well-Known Member
Feb 25, 2005
India
However, I've been unable to figure out how to keep the port open! I have to SSH into my box every day and run /etc/init.d/iptables restart (I don't need to enter the INPUT and OUTPUT commands again, though).
Do you have the iptables service enabled in chkconfig? If not, enable it so that it starts at system startup, or place /etc/init.d/iptables start in your /etc/rc.local.
 

petedickson

Member
Jun 16, 2005
nickb said:
Do you have service iptables enabled in chkconfig??? if not, enable it to start it at system startup or place /etc/init.d/iptables start in your /etc/rc.local.
Aren't these files for when the server reboots?

The server is staying up. It just seems to forget about port 81!

shashank said:
You should issue iptables-save after you have all the rules applied.
Just type the command iptables-save?

Thanks for your help.

Pete Dickson
Birmingham, UK
 

nickb

Well-Known Member
Feb 25, 2005
346
0
166
India
I suggest you install APF. It's a nice tool and will take care of all of your ports and iptables configurations. Search the forum and you will get nice info about installation and configuration of APF.
 

Smart-Guyz

Registered
Aug 27, 2005
If I insert a Core Config (sample 127.0.0.1) I get this message (for cPGSD):

There seems to have been a problem: "Unable to create socket, perhaps the remote end is unreachable ?: Failed to open Private Key "

I've tried to do the things above, but port 20100 still isn't open. Can someone help me solve this problem?
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
Hello :)

Opening a port in Linux involves two essential concepts. First, you need to ensure the installed service or application is listening for connections on the port it's configured to run on. Second, the port must accept traffic from external connections if the service or application is to be accessible to the public. Here's some information to help guide you through this process.

Using The Command Line
Step 1. Ensure the service or application is listening for connections.

The netstat command is available on most Linux systems and will allow you to verify the service or application is running on a specified port. We'll use cpsrvd (the internal process used for cPanel & WHM) as an example. Since the cpsrvd service is configured to bind to ports 2082, 2083, 2086, 2087, 2095, and 2096, we'll use the following command to ensure it's listening for connections on these ports:

Code:
netstat -lnp|grep cpsrvd
You'll want to replace cpsrvd with the name of the process associated with the service you are setting up when running this command on your own system. For this example, let's review what the output of this command looks like on a server using cPanel & WHM:

Code:
tcp        0      0 0.0.0.0:2082            0.0.0.0:*               LISTEN      51087/cpsrvd (SSL)
tcp        0      0 0.0.0.0:2083            0.0.0.0:*               LISTEN      51087/cpsrvd (SSL)
tcp        0      0 0.0.0.0:2086            0.0.0.0:*               LISTEN      51087/cpsrvd (SSL)
tcp        0      0 0.0.0.0:2087            0.0.0.0:*               LISTEN      51087/cpsrvd (SSL)
tcp        0      0 0.0.0.0:2095            0.0.0.0:*               LISTEN      51087/cpsrvd (SSL)
tcp        0      0 0.0.0.0:2096            0.0.0.0:*               LISTEN      51087/cpsrvd (SSL)
Here you see it’s correctly listening for connections through the TCP protocol over ports 2082, 2083, 2086, 2087, 2095, and 2096. The entries for 0.0.0.0 in this context indicate it's listening on all available IP addresses configured on the server. You can proceed to the second step once you've confirmed the service or application is listening for connections on the correct port(s).

Step 2. The service needs to be accessible from an external connection.

This step involves configuring the system's firewall so that it permits the flow of traffic from external connections to the port(s) the service or application is listening for connections on. I encourage anyone new to Linux or new to firewall management in general to practice caution and review your specific operating system's documentation on firewall rules. A single mistake when running an iptables or firewalld command may lead to an inaccessible server. If you're comfortable with the command line environment, here are some basic examples of commands you can use to ensure access to a specific port is open to the public.

For CentOS, CloudLinux, or RHEL version 6.x:

Code:
iptables -A INPUT -p tcp --dport 2082 -j ACCEPT
This creates an iptables rule that accepts all connections to port 2082 over the TCP protocol. You can permanently save the rule with the following command once you've confirmed access to the port is working:

Code:
/sbin/service iptables save
For CentOS 7, CloudLinux 7, or RHEL 7 systems using the firewalld daemon, the command would look like this:

Code:
firewall-cmd --zone=public --add-port=2082/tcp --permanent
Using cPanel & WHM
One of the advantages to using cPanel & WHM is the ability to manage most server administration tasks through a web browser instead of the command line. If you don't use cPanel & WHM, the link below is a good place to explore our products and extensions:

cPanel & WHM Free Trial License

If you have questions regarding this topic or about cPanel & WHM in general, register an account on the cPanel Forums and join the discussion! We have a team dedicated exclusively to the cPanel Forums to help answer any questions you have.

Thank you.
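
The two-step check from the post above (is something listening, then does the firewall let the traffic in), as an added example that is not part of the original thread or cPanel's own code. It goes one step beyond the thread by checking rule order: iptables evaluates a chain top to bottom and -A appends to the end, so an ACCEPT appended after a catch-all REJECT is never reached. The function names and both sample outputs are constructed for illustration.

```sh
# Added example. Both samples are constructed, not captured from a real host.
NETSTAT_SAMPLE='tcp        0      0 0.0.0.0:2082            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:12375           0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:20100         0.0.0.0:*               LISTEN'
# The 12375 rule was appended with -A, so it sits after the catch-all REJECT.
IPTABLES_SAMPLE='-P INPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 2082 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp -m tcp --dport 12375 -j ACCEPT'
# Step 1: is anything listening on the port? Prints public, loopback or none.
listen_state() {  # $1 = port, $2 = `netstat -lnt` text
  printf '%s\n' "$2" | awk -v p="$1" '
    $6 == "LISTEN" {
      n = split($4, a, ":")
      if (a[n] != p) next
      addr = substr($4, 1, length($4) - length(a[n]) - 1)
      if (addr ~ /^127\./ || addr == "::1") lo = 1; else pub = 1
    }
    END { print (pub ? "public" : (lo ? "loopback" : "none")) }'
}
# Step 2: which rule decides a new TCP connection to the port? Simplification:
# only "-p tcp --dport N" rules and match-less rules count; first wins, else policy.
firewall_verdict() {  # $1 = port, $2 = `iptables -S INPUT` text
  printf '%s\n' "$2" | awk -v p="$1" '
    $1 == "-P" { policy = $3; next }
    $1 != "-A" || $2 != "INPUT" { next }
    { tgt = ""; dport = ""; tcp = 0
      for (i = 3; i < NF; i++) {
        if ($i == "-j") tgt = $(i + 1)
        if ($i == "--dport") dport = $(i + 1)
        if ($i == "-p" && $(i + 1) == "tcp") tcp = 1
      }
      if ((tcp && dport == p) || $3 == "-j") { print tgt; hit = 1; exit }
    }
    END { if (!hit) print policy }'
}
diagnose() {  # $1 = port; combines both steps over the samples
  d_l=$(listen_state "$1" "$NETSTAT_SAMPLE")
  d_f=$(firewall_verdict "$1" "$IPTABLES_SAMPLE")
  case "$d_l/$d_f" in
    none/*)        echo "not listening" ;;
    loopback/*)    echo "loopback only" ;;
    public/ACCEPT) echo "reachable" ;;
    *)             echo "blocked by firewall ($d_f)" ;;
  esac
}
for p in 2082 12375 20100 81; do echo "$p: $(diagnose "$p")"; done
```

To use it on a live host, pass the output of netstat -lnt and iptables -S INPUT in place of the samples. Where the verdict comes from a catch-all rule, the ACCEPT has to be inserted ahead of it with iptables -I INPUT rather than appended.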