To Do Port Forwarding For Ssh In Centos

On my firewall I have mapped external port 2022 with internal port 22 for my public ip.
But when i do #ssh <my public ip> 2022
It shows error that verification failed.


Similar Content



Iptables Question

Hi,

So, I am learning meteor.js and signed up for a (cheap, i.e no support) VPS to host my Meteor app. Everything is running fine but I am trying to understand better how Linux works so here is my question:

I am running CentOS 7 on the VPS but it still uses iptables for its firewall.

I had to enable port 80 to access the web server. However, if I reboot the server, it stops working until I do
Code:
iptables -F

Then everything works. But I am thinking that -F might not be the best thing. I have changed the default SSH port from 22 to something else and that also works but I don't think I ever added it to the iptables rules.

If I do a port scan, the new SSH port is indicated as open as well as port 80 but others are closed as they are supposed to be.

Any idea what is doing on behind the scenes that requires iptables -F for the web access to work properly and if I shouldn't be doing iptables -F (I have it in the rc.local file), what is the right way of doing it?

(BTW, I am computer literate but not that familiar with Linux, which I am trying to learn now.)


Kamal

How To Identify An Ephemeral Port

Hi all,

I understand that Linux by default will limit its Ephemeral port allocation between 32768 to 61000.

I need to identify the applications running on my box (around 500 of them) which are intentionally using a port which happens to be in Ephemeral port range. Objective is to get a list of those apps and flag it so that the developers get to know of it and change their application port.

When I run netstat -nap to get a list of listen ports, I am unable to figure out if the port in Ephemeral range is actually allocated by OS or one of my apps has done it.


Thanks,
linux_it_is

What Is The Use Of Port 1328

I just find my server have the below link , it use port 1328 , I checked it called ewall , would advise what is the use of 1328 ewall port in my case ? why it need to use port to access the web , why it can not direct access without the port ? thanks

https://mydomain.com:1328/xxx/xxx/test.html

Linux USB Port As A 'flash Disk'

Hey All,

Is there a way to present a path or other block device to a USB port on a Linux server then have that port connected to a USB port of another device (ie USB to USB) and have it look like a flash disk?

I can plug a USB flash disk to a router just fine. But if I wanted a device to access a path off of another device int he absence of NFS or CIFS capability, that would be handy.

In other words, anyway to assign storage to a USB port in Linux? It would be akin to something like SAN with a target and source just with USB.

Cheers,
DH

Nfsd Not Starting At Boot

Hello,
I can't get nfsd start at boot on openwrt linux.

I followed this guide:
http://wiki.openwrt.org/doc/howto/nfs.server

but when I turn the computer on:

Code:
root@OpenWrt:~# showmount -e localhost
clnt_create: RPC: Program not registered

Code:
root@OpenWrt:~# dmesg | tail
[   22.252000] IPv6: ADDRCONF(NETDEV_UP): eth1: link is not ready
[   24.228000] eth1: link UP - 100/full - flow control off
[   24.244000] IPv6: ADDRCONF(NETDEV_CHANGE): eth1: link becomes ready
[   30.124000] svc: failed to register nfsdv3 RPC service (errno 5).
[   31.588000] device eth1 entered promiscuous mode
[   31.596000] br-lan: port 1(eth1) entered forwarding state
[   31.600000] br-lan: port 1(eth1) entered forwarding state
[   31.652000] IPv6: ADDRCONF(NETDEV_UP): eth0: link is not ready
[   31.684000] eth1: link UP - 100/full - flow control off
[   33.604000] br-lan: port 1(eth1) entered forwarding state

but if I do
Code:
root@OpenWrt:~# /etc/init.d/nfsd start
root@OpenWrt:~# showmount -e localhost
Export list for localhost:
/mnt/3tb *

so it works well, but I look at dmesg
Code:
root@OpenWrt:~# dmesg | tail
[   24.228000] eth1: link UP - 100/full - flow control off
[   24.244000] IPv6: ADDRCONF(NETDEV_CHANGE): eth1: link becomes ready
[   30.124000] svc: failed to register nfsdv3 RPC service (errno 5).
[   31.588000] device eth1 entered promiscuous mode
[   31.596000] br-lan: port 1(eth1) entered forwarding state
[   31.600000] br-lan: port 1(eth1) entered forwarding state
[   31.652000] IPv6: ADDRCONF(NETDEV_UP): eth0: link is not ready
[   31.684000] eth1: link UP - 100/full - flow control off
[   33.604000] br-lan: port 1(eth1) entered forwarding state
[16642.280000] svc: failed to register lockdv1 RPC service (errno 124).

I tried several times
Code:
root@OpenWrt:~# /etc/init.d/portmap enable
root@OpenWrt:~# /etc/init.d/nfsd  enable

and reboot but, again, I have to start nfsd manually after every reboot.

What am I doing wrong? On Attitude Adjustment I never had any issue.

Please help!

Firewall-cmd --state "not Running"

I have been flailing trying to get a web server running on Fedora 21.

Finally did so.

I have my iptables working (me thinks) as they should. I can connect from my Linux box (local) or from my Mac on the same network/subnet.

Problem is in my "travels" I have somehow trashed my firewall-cmd.

I was adding parameters to it w/o issue. E.G
firewall-cmd --zone=public --add-port=80/tcp --permanent
Then restarting firewall-cmd
firewall-cmd --realod

This was all working. I "fixed" my problem with connecting to my web server from other LAN workstations (iptables issues) and was going back to see if all was well. Now when I try to restart I get a:
FirewallD is not running
That from my "reload" command above.

Have I fixed my web server issue or is my world wide open att?

Assistance, as always, greatly appreciated.

Skip

Firewall Setup


I have an Intel x86_64 system running rhel 7.0 I want to use this system as a Firewall. The system has two NICs. one NIC is defined with the static IP address from my ISP. The other NIC is also static i.e. no dhcp, and is assigned a LAN addrs of 192.168.10.6 It is plugged into a switch (192.168.10.1) that has other three devices plugged in. Each with it's own hard-coded LAN address (Netmask is 255.255.255.0) I have two zones active in the firewall config External (using the static ip from the ISP) and Internal (using the IP addrs of 192.168.10.6) I'm forwarding the following two ports 80 & 443 in both zones. External zone: ports 80 & 443 are forwarded to my switch (192.168.10.1) Internal zone: ports 80 & 443 are forwarded to my static IP addrs from my ISP. I have IP masquerading turned on in the External zones. However none of the other workstations (Windows 7 professional) and my "smart" TV (netflix access) are able to access the internet. Again I'm NOT using any dhcp, all IP addresses are hard coded. I can ping any LAN address from any LAN node. The Linux FW machine can access the internet. I've read thru the RHEL 7.0 Security guide regarding setting up the firewall and I believe I have all the elements defined properly ... It just doesn't work. I have the same set of DNS values defined on all systems.
They are the three DNS servers assigned by my ISP. I have ipv4 forwarding active on my Linux system. I have masquerading "turned on" in the External zone. The resolv.conf file has the ip addresses of the DNS servers as well as my switch.
However the windows 7 systems and my "smart" TV cannot access the internet.
Anyone who's really familiar with rhel firewall-config GUI and has any suggestions please respond.
Thanks
Guy

How To Check Which Interfacce Port Has Cable Connected

Hi

We are going to move some servers from one location to another. How to verify whether the cables are connected to the right interface port?

like one server has eth0 active and eth1 is down. now if the tech guys connect the cable on eth1 port then how to know that

Is it /sys/class/net/eth1 and look for carrier or there is a better way ?

thanks in advance

Sending Mails With Port Number 587 Bash Script Help

Hi All,
We have some shell scripts which will send emails about backup, alerts etc using mail command. Example.
Code:
echo "Test Mail" | mail -s "Test" me@mydomain.com

I guess the above command just connect port number 25 of our mail server even if we do not define any port number. Now I would like add smtp port number as 587 in all of the bash scripts. I googled for this but could not get whatever I am expecting. So expecting your kind reply to define smtp port number as 587 in all of the bash scripts.

Thanks in advance.

Ftp Stops As Well As Firewall Stops

Hi,

I am running a centOS 6 server , with public ip as web-server. Sometimes the ftp service & firewall ( system-config-firewall) gets dead /crashed.

i have to start messagebus service in-order to start firewall.


what is the real cause of this issue ? Dos attack ?

netstat doesn't show any unusual ip connections