Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

How do I enable a port in Linux?

Discussion in 'General Discussion' started by linuxmelz, Apr 25, 2005.

  1. linuxmelz

    linuxmelz Registered

    Joined:
    Dec 20, 2004
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    151
    [Moderation Note: Please see this post for the best answer.]

    Hi,

    Dear friend..


    Could you please advice me a way to open a port in linux. I donot have a apf sotware or any such thing.. Can we do it with any predefined tools that comes with linux OS itself.

    Any help would be greatly appreciated..

    Thanking one and all in advance for all of your views and suggestions..

    Yours friendly,
    Linuxmelz ;)
     
    #1 linuxmelz, Apr 25, 2005
    Last edited by a moderator: Sep 11, 2018
  2. webignition

    webignition Well-Known Member

    Joined:
    Jan 22, 2005
    Messages:
    1,880
    Likes Received:
    0
    Trophy Points:
    166
    If you don't have any firewall running on your server then all ports should be open, or thereabouts.

    What port do you need access to and what are you trying to achieve?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. linuxmelz

    linuxmelz Registered

    Joined:
    Dec 20, 2004
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    151
    Hi

    Thank you for writing in my friend..

    A client wants to enable a port at 12375 port, for his chat software.. how do i do it.. also i think netstat -lpn dosn't show the port to be open..

    Any help or views are warmly welcomed..

    Regards,
    Linuxmelz ;)
     
  4. webignition

    webignition Well-Known Member

    Joined:
    Jan 22, 2005
    Messages:
    1,880
    Likes Received:
    0
    Trophy Points:
    166
    I believe that netstat -lpn will list only the currently active/open ports. Therefore if port 12375 is not being used by anything, it would not be listed.

    As I said, if you don't have a firewall enabled, all ports should be open. It is not the case that ports are by default inaccessible and that you have to make them accessible in some way, but the exact opposite - unless you do something to prevent the use of a port it will be usable.

    Assuming that there is a chat server you need to install, and that it is designed to listen on port 12375, once installed it should do, unless it is not working correctly.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. brentp

    brentp Well-Known Member

    Joined:
    Mar 11, 2004
    Messages:
    324
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Ayr, North Queensland, Australia
    well, make sure its open via iptabes, then get them to start their chat software which should bind to the port.

    Regards,
    Brent
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. linuxmelz

    linuxmelz Registered

    Joined:
    Dec 20, 2004
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    151
    Hi

    Dear friend,

    It would be appreciated if you could please tell me how do i open a port using ip-tables. Every ones view/sugesstions are hearty welcomed.

    Regards,
    Linumelz ;)
     
  7. JamesCTotalWeb

    JamesCTotalWeb Well-Known Member

    Joined:
    Mar 20, 2005
    Messages:
    64
    Likes Received:
    0
    Trophy Points:
    156
    cPanel Access Level:
    Root Administrator
    Well assuming the protocol is tcp you can just run this command from the command line.

    iptables -A INPUT -p tcp --dport 12375 -j ACCEPT

    iptables -A OUTPUT -p tcp --dport 12375 -j ACCEPT

    you can also add them to your iptables-config file then restart iptables

    /etc/init.d/iptables restart

    Here is a good place to learn about iptables

    http://www.siliconvalleyccie.com/linux-hn/iptables-intro.htm

    remember use this at your own risk if ya break it ya pay for it ........ lol
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  8. Kerstin

    Kerstin Well-Known Member

    Joined:
    Apr 9, 2005
    Messages:
    136
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Berlin
    Iptables -? should show the allocates ;) ports. [0 to 65535] :confused:

    The commands

    iptables -A INPUT -p tcp --dport 12375 -j ACCEPT
    iptables -A OUTPUT -p tcp --dport 12375 -j ACCEPT
    /etc/init.d/iptables restart

    allocate a port, but a port must be used by a accurate application and protocol.
    You must known the correct TCP (UDP) port, used by the protocol.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. petedickson

    petedickson Member

    Joined:
    Jun 16, 2005
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    151
    The above post solved my problem of opening port 81 - thanks!

    However, I've been unable to figure out how to keep the port open! I have to SSH into my box every day and run /etc/init.d/iptables restart (I don't need to enter the INPUT and OUTPUT commands again, though).

    FYI, my /etc/sysconfig/iptables-config looks like:

    # Additional iptables modules (nat helper)
    # Default: -empty-
    #IPTABLES_MODULES="ip_nat_ftp"

    # Save current firewall rules on stop.
    # Value: yes|no, default: no
    #IPTABLES_SAVE_ON_STOP="no"

    # Save current firewall rules on restart.
    # Value: yes|no, default: no
    #IPTABLES_SAVE_ON_RESTART="no"

    # Save (and restore) rule counter.
    # Value: yes|no, default: no
    #IPTABLES_SAVE_COUNTER="no"

    # Numeric status output
    # Value: yes|no, default: no
    #IPTABLES_STATUS_NUMERIC="no"


    Any help, greatly appreciated.

    cheers

    Pete Dickson
    Birmingham, UK
     
  10. petedickson

    petedickson Member

    Joined:
    Jun 16, 2005
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    151
    Can anyone help with my follow up question, posted above?

    Many thanks.

    Pete Dickson
    Birmingham, UK
     
  11. shashank

    shashank Well-Known Member
    PartnerNOC

    Joined:
    Apr 12, 2003
    Messages:
    159
    Likes Received:
    1
    Trophy Points:
    168
    cPanel Access Level:
    Root Administrator
    You should issue iptables-save after you have all the rules applied. I find it strange you have to login everyday and restart it. May be you can put a cron for it if there is a problem.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  12. nickb

    nickb Well-Known Member

    Joined:
    Feb 25, 2005
    Messages:
    347
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    India
    Do you have service iptables enabled in chkconfig??? if not, enable it to start it at system startup or place /etc/init.d/iptables start in your /etc/rc.local.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  13. petedickson

    petedickson Member

    Joined:
    Jun 16, 2005
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    151
    Aren't these files for when the server reboots?

    The server is staying up. It just seems to forget about port 81!

    Just type the command iptables-save?

    Thanks for your help.

    Pete Dickson
    Birmingham, UK
     
  14. nickb

    nickb Well-Known Member

    Joined:
    Feb 25, 2005
    Messages:
    347
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    India
    I suggest you to Install APF..its a nice tool and will take care of all of your ports and iptable configurations. Search the forum and you will get nice info bout installation and configuration of APF.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  15. Smart-Guyz

    Smart-Guyz Registered

    Joined:
    Aug 27, 2005
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    151
    If i insert a Core Config (sample 127.0.0.1) I get this message (for cPGSD):

    There seems to have been a problem: "Unable to create socket, perhaps the remote end is unreachable ?: Failed to open Private Key "

    I've tryed to do the things above, but the port 20100 still is'nt open, can some one help me solve this problem?
     
  16. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,726
    Likes Received:
    1,883
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Greetings!

    Opening a port in Linux involves two essential concepts. First, you need to ensure the installed service or application is listening for connections on the port it's configured to run on. Second, the port must accept traffic from external connections if the service or application is to be accessible to the public. Here's some information to help guide you through this process.

    Using The Command Line

    Step 1. Ensure the service or application is listening for connections.

    The netstat command is available on most Linux systems and will allow you to verify the service or application is running on a specified port. We'll use cpsrvd (the internal process used for cPanel & WHM) as an example. Since the cpsrvd service is configured to bind to ports 2082, 2083, 2086, 2087, 2095, and 2096, we'll use the following command to ensure it's listening for connections on these ports:

    Code:
    netstat -lnp|grep cpsrvd
    You'll want to replace cpsrvd with the name of the process associated with the service you are setting up when running this command on your own system. For this example, let's review what the output of this command looks like on a server using cPanel & WHM:

    Code:
    tcp        0      0 0.0.0.0:2082            0.0.0.0:*               LISTEN      51087/cpsrvd (SSL)
    tcp        0      0 0.0.0.0:2083            0.0.0.0:*               LISTEN      51087/cpsrvd (SSL)
    tcp        0      0 0.0.0.0:2086            0.0.0.0:*               LISTEN      51087/cpsrvd (SSL)
    tcp        0      0 0.0.0.0:2087            0.0.0.0:*               LISTEN      51087/cpsrvd (SSL)
    tcp        0      0 0.0.0.0:2095            0.0.0.0:*               LISTEN      51087/cpsrvd (SSL)
    tcp        0      0 0.0.0.0:2096            0.0.0.0:*               LISTEN      51087/cpsrvd (SSL)
    Here you see it’s correctly listening for connections through the TCP protocol over ports 2082, 2083, 2086, 2087, 2095, and 2096. The entries for 0.0.0.0 in this context indicate it's listening on all available IP addresses configured on the server. You can proceed to the second step once you've confirmed the service or application is listening for connections on the correct port(s).

    Step 2. The service needs to be accessible from an external connection.

    This step involves configuring the system's firewall so that it permits the flow of traffic from external connections to the port(s) the service or application is listening for connections on. I encourage anyone new to Linux or new to firewall management in-general to practice caution and review your specific operating system's documentation on firewall rules. A single mistake when running an iptables or firewalld command may lead to an inaccessible server. If you're comfortable with the command line environment, here are some basic examples of commands you can use to ensure access to a specific port is open to the public.

    For CentOS, CloudLinux, or RHEL version 6.x:

    Code:
    iptables -A INPUT -p tcp --dport 2082 -j ACCEPT
    This creates an iptables rule that accepts all connections to port 2082 over the TCP protocol. You can permanently save the rule with the following command once you've confirmed access to the port is working:

    Code:
    /sbin/service iptables save
    For CentOS 7, CloudLinux 7, or RHEL 7 systems using the firewalld daemon, the command would look like this:

    Code:
    firewall-cmd --zone=public --add-port=2082/tcp --permanent
    Using cPanel & WHM

    If the above information seems overwhelming, don't worry! It's common for those new to Linux to feel overwhelmed at the amount of information one is expected to understand. It's one of the reasons why system administrators new to Linux will often choose to set up a server with a control panel such as cPanel & WHM. One of the advantages to using cPanel & WHM is the ability to manage most server administration tasks through a web browser instead of the command line. Case in point, firewall management. One of the most installed plugins for cPanel & WHM is CSF. It's free and makes it easy to setup and manage firewall rules directly from a web browser (through Web Host Manager). If you already use cPanel & WHM and you want to install this plugin, check out the installation steps referenced in our documentation at the link below:

    How To Install CSF

    If you don't use cPanel & WHM, check out the links below if you'd like more information on how you could benefit from the various features included with the product:

    Our Products & You
    Demo cPanel & WHM
    cPanel & WHM Free Trial License
    Pricing Plans & Discount

    If you have questions regarding this topic or about cPanel & WHM in general, register an account on the cPanel Forums and join the discussion! We have a team dedicated exclusively to the cPanel Forums to help answer any questions you have.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice