When we install CentOS, the default configuration will be hardened and hence most of the unneeded ports will be blocked.
I configured Perforce proxy server in a centOS, which needed port 1666 to be opened. Since it is blocked, none of the other machines were able to contact perforce proxy server. It used to give below error
$ p4 info
Perforce client error:
Connect to server failed; check $P4PORT.
TCP connect to xxx.xxx.com:1666 failed.
connect: xxx.xxx..com:1666: WSAETIMEDOUT
To configure Firewall, we can use ipconfig command in Linux.
Here is the iptables command to open it
iptables -t filter -A INPUT -p tcp --dport 1666 -j ACCEPT
where
--table -t table table to manipulate (default: `filter')
--append -A chain Append to chain
--proto -p proto protocol: by number or name, eg. `tcp'
--jump -j target target for rule (may load target extension)
I configured Perforce proxy server in a centOS, which needed port 1666 to be opened. Since it is blocked, none of the other machines were able to contact perforce proxy server. It used to give below error
$ p4 info
Perforce client error:
Connect to server failed; check $P4PORT.
TCP connect to xxx.xxx.com:1666 failed.
connect: xxx.xxx..com:1666: WSAETIMEDOUT
To configure Firewall, we can use ipconfig command in Linux.
Here is the iptables command to open it
iptables -t filter -A INPUT -p tcp --dport 1666 -j ACCEPT
where
--table -t table table to manipulate (default: `filter')
--append -A chain Append to chain
--proto -p proto protocol: by number or name, eg. `tcp'
--jump -j target target for rule (may load target extension)
Then save the configuration
service iptables save
Next reload the configuration
service iptables reload
Check the status
service iptables status
O/P:
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:1666
As shown above, now the port 1666 is opened.
Other options
iptables -L
where
--list -L [chain [rulenum]] List the rules in a chain or all chains
--flush -F [chain] Delete all rules in chain or all chains
0 comments:
Post a Comment