Last night I installed all the updates that were available for CentOS. Today, I discovered that all connections to port 25 (Sendmail) are being blocked except connections coming from localhost.
I tried disabling the firewall to see if anything would change but it is still blocked.
If it is not the firewall doing the blocking, what else might it be?
Recently I discovered that we were accidentally running a POP server (port 110), when we only should have been running the encrypted version thereof (port 995). This wouldn't have been a problem if the port was blocked in the first place.Isn't the default iptables setup on CentOS to block unspecified ports? Specifically, this line from /etc/sysconfig/iptables
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
Right? Well, this doesn't seem to be working for me. I added some rules to allow additional ports and commented out a couple (crucially port 110), but for some reason, port 110 is open.Here is /etc/sysconfig/iptables and the output of iptables -L below that:
# cat /etc/sysconfig/iptables
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
[code]....
Why isn't "-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited" doing what I think it should be doing?
I have a mail server on which I would like to block port 25 on my eth0 for everyone except our external spam filter. the problem is that I want our users to be able to connect via port 10025 which is forwarded to port 25, which then is blocked...
View 2 Replies View RelatedI have a fresh installation of CentOS 5 I'm using for a server, and I'm having issues with port configuration. I have iptables running, and it started with no /etc/sysconfig/iptables file. I added a few basic rules (port 53, port 10000 for webmin), saved the file, and restarted the service. I tried connecting to webmin, scanned ports, and traffic was blocked. I set iptables to allow all traffic and restarted the service, and it still showed basically every port as being blocked. It seems port 80 and port 22 work for some reason, even when I tell iptables to block all ports.
I'm not sure what's going on here. Iptables is reading the /etc/sysconfig/iptables file, and if I use lynx localhost:someport it responds as it should according to the file. However, if I try connecting by IP, it's like there's some other firewall or something running that does whatever it's configured to do.....
So I set up an Ubuntu 10.04 server with apache2 installed, but for some reason I can't get to it from my browser. the iptables have all changed directories in 10.04 so I can't find the iptables. Apparmor wasn't the problem. The network hard ware is not the problem.There is something inside of 10.04 that is blocking port 80. I can ping it all day using the ip address but when I ping it useing http://ipaddress it can't find the host
View 4 Replies View RelatedI can't seem to establish a conncction to my site (that I'm hosting in the same computer as the gFTP client- running Lucid Lynx desktop as a server). My site is 'out there', with a domain etc. and also I work on it with localhost. I wanted to use ftp as Joomla has a 'ftp layer' for files permissions etc. But it keeps saying that I can't connect, or the connection 'was reset by a peer' whatever that means. For 'hostname' I use site.com (site is my site's name) and even tried the whole thing like http://www.site.com (I clicke on 'connect to remote, and enter that in the url). or just put it where 'host' goes (when I'm not using localhost) For user name and pass, I just enter what I usually put to access the administrator's back panel in joomla, but maybe I am supposed to use what I use to log on to ubuntu when I start my computer? note sure. Anyway I used a telnet command in the terminal and found that port 21 was blocked. MY isp says they don't block any ports so I don't know. I was able to do this last year so I don't know what is so hard about this lol In the router, I have 'ftp 21 to 21 and ip address 192.168.1.100 (ip is the same for http which is working as I have my site up) now it seems to be open as I used a command at the terminal (found from google). It's open but my ftp still can't connect to my server either localhost or to my site. there is no firewall blocking it and I think my router is set right.
View 1 Replies View RelatedI have a vps server running certain services which can be accessed via a web browser (e.g webmin control panel), but I have recently been unable to access these services from my home machine using Firefox 5.0, running ubuntu 11.04.
Example:
I can access the server on port 80 fine, eg: [URL]
However I cannot access my webmin control panel on: [URL]
The pages takes ages to load and then times out. Same with transmission-daemon on: [URL]
Everything is set up fine on my server, the ports are open in firewall etc. and I can access these pages fine from my work computer.
This has only started happening in the last day or two and had been working fine up till then. I have not messed around at all with the firewall on my home machine. I have tried other browsers besides Firefox with same result.
VERY new to linux, erm but I have an issue that needs solving!I recently moved to university, where their network blocks sftp port 22, this means that I cannot connect to my FTP server which is running a version of linux.Now I've got this ftp server connected to a seedbox and it was created using the following walk through..Code:I have written this guide for a friend, but I though it would be useful for others as well.
There are several guides floating around, but I found that most always cock up in some way. This one is tried and tested to work on Debian Etch (on an OVH rps, but should apply to most servers).If there is a new stable release of rtorrent/libtorrent then I will update this guide to show you how to update it (without reinstalling the whole server).
At the bottom there are also instructions to install ftp access & some network monitoring software.Basically, I would really like someone to be able to construct the commands on how to change the listen port for sftp connection on linux or add another port to the list that Linux would use so that I could put in through putty.
All ports are blocked only 22 and 80 are open. I scan localhost and ports are open. When I scan IP address ports are blocked.I have no firewall rules.
View 5 Replies View RelatedSo I have two ssh servers I connect to regularly that do not use the standard port 22, so I use the "-p" flag to connect to them. This works flawlessly EVERYWHERE except on my girlfriend's work network. When I am on that network (same laptop), I can ssh into servers which use port 22, but not the other servers on this alternate port.Is there any way OTHER than ssh'ing into a machine I can access and then ssh'ing again from there to my destination (which, by the way, does work)? I want to make a direct connection for speed and security reasons.
View 2 Replies View RelatedI get today a server with CentOS.. and someone told me to block access to port 22 for all IP's except my.. so I did
Code:
iptables -A INPUT -p tcp -s my_ip --dport 22 -j ACCEPT
and after
[code]...
I have Linux server (centos) in my company , Network is shared through this linux squid proxy server to Windows client .
How to open port 995 and 587 for Windows client because Outlook are not working in Windows Client ...
How to open this port for Windows Client.
Strange issue here when trying to verify firewall on Server 8.04. No ftp service running at all on server, but both nmap and netcat report port 21 as being open, even though it isn't.I am 100% sure that port 21 is not actually accessible and iptables rules are fine. Trying to connect to the port fails, yet nmap and netcat seem to report a "false positive"?Have also checked on a number of other servers I'm running, and this "false positive" seems to apply to all of them.
View 1 Replies View RelatedCan anyone here point me to a walk-through or discussion of how to use Webmin to set up port forwarding/NAT on a dual-NIC Centos 5.3 box? The layout will be simple:
Internet --- NIC1 [CentOS Box] NIC2 --- Switch to other PCs
We have a BUNCH of exposed services that are on special ports -- for example, to connect to one machine, you go in with [IP_Address]:12000, and to connect to another, [IP_Address]:12002, etc., etc. We're currently using OpenSuse 10.3 on this box, and YaST makes this criminally easy (you give it the incoming port number and the destination IP/port numbers and it just works). But OpenSuse 10.3 is nearing EOL, we're buying a new machine, and I'd like to use CentOS on the new one.
I've read the sparse Webmin documentation in their Wiki, and it leads one to believe that you simply insert a "NAT" rule. But there's obviously something they're leaving out. I *am* opening the ports in the firewall. But when I log in to [IP_Address]:port, it just times out. The port forwarding never occurs. The test in this case is SSH, and I know that SSHD is working properly because I can log into that machine just fine from another PC on the same internal subnet.
i am not able to port 8080 on my CentOS VPS server.I have followed all the instuctions as mentioned on iptables wiki page.Also I am able to telnet my ip address and port number, But can not access from browser.
View 6 Replies View RelatedPl can anyone guide me to connect centos 5.5 using ethernet port to ADSL Broadband modem which is configured in PPPoe mode?
View 19 Replies View Relatedwe are going to install ASTERISK remotely, hence the port 22 in the server has to be open ,Can somebody reply me with exact commands?I tried these commands and got these results
Command : cat /etc/services | grep xxx
Result : No Such file or directory
Command :netstat -nan | grep 22
[code]....
I installed Ubuntu 9.10 and tomcat 6 java servlet container. I am trying to run the tomcat server on port 80, so I edited tomcat's configuration file (server.xml) and changed the default port from "8080" to "80". I launched tomcat server, went to my browser and entered:[url], but it says can not find server/location. Then I edit the server.xml and revert back to port "8080" and then enter: [url] and everything works fine. So my guess is some other service is taking up port 80, but I would think not, since I just installed Ubuntu and made sure apache isn't installed or running.
So I went to "System" --> "Administration", then choose "Network Tools". I then executed Netstat and did not see anything taking up port 80, but I do see port 8080 taken (assuming it is the tomcat server). Then I also did a Port Scan and entered my IP number. Again, I don't see port 80 taken, but do see 8080 being used.
I had a winxp laptop computer behind home wireless and was running tomcat 6 server fine with it, but it over-heated and died recently. So I got a used laptop and just installed Ubuntu 9.10. I have not changed my wireless router settings. It is the same as before. So I have ruled out my home's hardware/network equipment.
So here now I sit, wondering what is up?
For security reasons, is port 80 initially blocked by Ubuntu for some reason? Is there something I have to do beforehand to free up port 80?
I want to do a simple port redirect, i.e. whatever comes trough whatever interface on port AAAA will get redirected to port BBBBI thought that iptables -t nat -I PREROUTING --source 0/0 --destination 0/0 -p tcp --dport AAAA -j REDIRECT --to-ports BBBBhowever it doesn't work, e.g. nc -v -w2 -z localhost AAAA gives:
nc: connect to localhost port AAAA (tcp) failed: Connection refused
while
nc -v -w2 -z localhost BBBB
[code]....
I would like to be able to ssh to a TCP port on my server and be directly connected to the serial port @ 115200 Null modem config. Does any body know how one can do this?
View 4 Replies View Relatedi am using centos 5.2 . recently i have implementing transparent proxy but i faced issue. i received lots of messages in dmesg. i have 2 machine with same OS another machine are works fine with this same configuration
br0: received tcn bpdu on port 1(eth0)
br0: topology change detected, propagating
br0: received tcn bpdu on port 1(eth0)
br0: topology change detected, propagating
br0: received tcn bpdu on port 1(eth0)
[Code]...
Would like to seek your support and idea about the having 2 IP addresses bind to my server.I am using a Dell Server coming with 2 Gigabit Ethernet ports -- eth0 and eth1.After CentOS 5.4 installation, if we assign 2 IP addresses 192.168.1.1 and 192.168.1.2(both in the same subnet - 255.255.255.0) to the 2 NIC. The default gateway is 192.168.1.254.We found the following phenomenon:1. If we unplug the cable connecting eth0, eth1 will be disconnected as well.2. The connection to the server, like SSH, FTP, experience frequently disconnection.My questions:1. If we want to connect both cables to the 2 ports, how can we make them independent and actas normal? That means both ports are functioning independently.2. Is the any build in function in CentOS that can bind 2 NIC as 1?
View 2 Replies View RelatedI have a CentOS5 box I use to run ASSP for Anti-spam. It has a single NIC. I configure network settings using Webmin. I have two Internet connections managed by different routers.
Router 1 - 10.0.0.254 255.255.255.0
Router 2 - 10.0.0.250 255.255.255.0
CentOS - 10.0.0.30 255.255.255.0
Both routers port forward traffic on port 25 (SMTP) to the CentOS box. The SMTP connections only work for the router that is the default gateway on the CentOS box! If Router 1 is configured as the default gateway in CentOS then I can Telnet to that routers WAN IP on port 25 and successfully send mail! On Router 2 I get no connection unless I change the default gateway in CentOS to be the IP of Router 2 thern Router 1 SMTP connections will not work! I imagine that CentOS is sending out it's responses to the default gateway instead of the Router that initiated the port forward?
1. I've just installed Centos 5.5 on a dell machine with 2 network interfaces, and have disabled SELinux.
The output for the command sestatus is: SELinux status: disabled
2. Am I right to think that iptables is not a concern since SELinux is disabled? In any case, the output for the command "iptables -L" is:
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
[Code]....
I have a server hosting with in a DC and I have two subnet on 1 VLAN. how can I add all the IPs from these two subnet in one go? lets say for instructional purpose they are 192.168.0.0/24 and 192.168.1.0/24
View 1 Replies View RelatedI'm running CentOS 5.4 and noticed that for the past month there haven't been any new updates showing up either on 'yum check-update' or 'yum update' (I'm interested in basic and security updates). Although this may be right, I wonder if there is an online reference where I can check the updates that are released for CentOS (security bulletins) and make sure if there is anything wrong with my update system.
View 11 Replies View RelatedI have configured NFS Server on CentOS 5.2 with IBM Web Server,which is having AIX 5.3 The IBM Web Server can upload all data onto NFS Server. Now, Today i was having slow response on IBM Web Server & by measuring the NFS, i found below error while running "tcpdump" command on CentOS Server.
tcpdump -n -i eth1 | grep 2049
18:36:37.237451 IP 10.100.19.241.2049 > 10.100.19.88.1758143293: reply ok 1448 read [|nfs]
18:36:37.237476 IP 10.100.19.241.2049 > 10.100.19.88.539981409: reply ERR 1448
18:36:37.237481 IP 10.100.19.241.2049 > 10.100.19.88.796287348: reply ERR 1448
[code]....
I have changed Network Card in CentOS. All LAN is on Gigabit Network. Also I have changed the Network Cable(Patch Cord). But,still no response.
I have a server in a colocation environment where I'm allotted 25Mbps. I'd like to avoid exceeding that for obvious reasons. Is there a way I can set the link speed or at least throttle the bandwidth for all services?
View 2 Replies View RelatedCan anyone tell me if there is a port of the FreeBSD PPP daemon called MPD5? I would like to run this on my CentOS installation as I understand this is better than pptpd?
View 1 Replies View RelatedA lot of activity is happening on our local server and I want to know which port is getting the most used and which daemon is using the port. I think it will be some modification of netstat command.
View 1 Replies View Related