gaurav_herein

Not able to open tcp port in linux system

I am using RHEL 5 and my application is running on the system on port 11960. I need to connect to this port from an application running on another system, but the port is closed for the other system.

Below is the information for my system:

[root@ sysconfig]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp spt:11960 state NEW,ESTABLISHED

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

[root@ sysconfig]# netstat -nap | grep 11960
tcp 0 0 127.0.0.1:11960 0.0.0.0:* LISTEN 2155/cm

[root@ sysconfig]# nmap -p 11960 23.x.x.x

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2012-05-29 06:45 EDT
Interesting ports on (23.x.x.x):
PORT STATE SERVICE
11960/tcp closed unknown

[root@ sysconfig]# nmap -p 11960 127.0.0.1

Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2012-05-29 06:45 EDT
Interesting ports on localhost.localdomain (127.0.0.1):
PORT STATE SERVICE
11960/tcp open unknown

[root@domU-12-31-39-10-06-32 sysconfig]# tcptraceroute -p 11960 23.x.x.x
traceroute to 23.x.x.x (23.x.x.x), 30 hops max, 40 byte packets
1 ip-10-72-24-2.ec2.internal (10.72.24.2) 1.370 ms 1.322 ms 1.299 ms
2 ip-10-1-6-69.ec2.internal (10.1.6.69) 0.505 ms ip-10-1-8-69.ec2.internal (10.1.8.69) 0.501 ms 0.680 ms
3 ip-10-1-11-14.ec2.internal (10.1.11.14) 0.843 ms ip-10-1-7-14.ec2.internal (10.1.7.14) 0.833 ms ip-10-1-9-14.ec2.internal (10.1.9.14) 0.802 ms
4 216.182.224.209 (216.182.224.209) 0.785 ms 216.182.224.76 (216.182.224.76) 16.203 ms 216.182.232.48 (216.182.232.48) 0.737 ms
5 216.182.232.49 (216.182.232.49) 1.306 ms 1.285 ms 216.182.224.208 (216.182.224.208) 1.252 ms
6 23.x.x.x 2.679 ms 2.654 ms 2.629 ms

The firewall is off.

Tried:
nc 23.x.x.x 11960

Tried adding the rule below when the firewall was on:
iptables -A INPUT -i eth0 -p tcp --sport 11960 -m state --state NEW ESTABLISHED -j ACCEPT

Tried flushing iptables with "iptables -F".

Can anyone suggest what I should check, or what the problem with this port is? Is there anything that I need to add in /etc/services?

Regards,
Gaurav


I don't know much about iptables, haven't done anything with it yet. What I do for now is go to /etc/sysconfig. Then, as root, run system-config-firewall-tui. You will get a simple graphical interface where you can turn on your firewall and add a port to open in your firewall.


iptables -A INPUT -i eth0 -p tcp --sport 11960 -m state --state NEW ESTABLISHED -j ACCEPT

I think that should read --dport 11960 - you're interested in the DESTINATION port, not the SOURCE port.

(Your rule is permitting incoming connections from port 11960, not connections to 11960.)

Another test to try is: "telnet localhost 11960" on that machine - see if you get any response.

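The output in the first post supports two separate checks: netstat shows the listener bound to 127.0.0.1:11960, which other hosts cannot reach whatever the firewall does, and iptables -L shows a rule matching spt:11960 rather than dpt:11960. As an added example (not written by anyone in this thread), the shell functions below classify both from captured output; the function names are hypothetical and the sample lines are copied from the first post.

```shell
#!/bin/sh
# Added example. Inputs are the netstat and iptables lines from the first post.

# listener_scope PORT   (stdin: `netstat -nap` or `netstat -ltn` output)
# Prints: all-interfaces | address:<ip> | loopback-only | not-listening
listener_scope() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            n = split($4, a, ":")               # field 4 is the local addr:port
            if (a[n] != port) next
            addr = substr($4, 1, length($4) - length(a[n]) - 1)
            if (addr == "0.0.0.0" || addr == "::" || addr == "*") any = 1
            else if (addr ~ /^127\./ || addr == "::1") loop = 1
            else other = addr
        }
        END {
            if (any) print "all-interfaces"
            else if (other != "") print "address:" other
            else if (loop) print "loopback-only"  # unreachable from other hosts
            else print "not-listening"
        }'
}

# rule_port_match PORT  (stdin: `iptables -L -n` output)
# Looks only at ACCEPT rules in the INPUT chain.
# Prints: dpt | spt-only | none
rule_port_match() {
    awk -v port="$1" '
        $1 == "Chain" { chain = $2; next }
        chain == "INPUT" && $1 == "ACCEPT" {
            for (i = 2; i <= NF; i++) {
                if ($i == ("dpt:" port)) d = 1   # matches connections TO the port
                if ($i == ("spt:" port)) s = 1   # matches packets FROM the port
            }
        }
        END { print (d ? "dpt" : (s ? "spt-only" : "none")) }'
}

NETSTAT_SAMPLE='tcp 0 0 127.0.0.1:11960 0.0.0.0:* LISTEN 2155/cm'
IPTABLES_SAMPLE='Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp spt:11960 state NEW,ESTABLISHED'

echo "listener: $(printf '%s\n' "$NETSTAT_SAMPLE" | listener_scope 11960)"
echo "rule:     $(printf '%s\n' "$IPTABLES_SAMPLE" | rule_port_match 11960)"
```

On a live system, pipe `netstat -ltn` and `iptables -L INPUT -n` into the two functions instead of the sample variables.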

Okayyy... I'm not sure why /etc/hosts would prevent firewall rules from working, but glad to see you got it all sorted!
