Hi Chamila,

While giving the INPUT rule I think the command might have been mistakenly typed as

-A INPUT -m state --state NEW -m tcp -p tcp --sport 9443 -j ACCEPT

because the iptables output shows the port 9443 as a source port.

ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp spt:9443

Try entering the INPUT rule again. To my knowledge, in order to allow access from outside, the port should be a destination port.

Thanks,

On Mon, Mar 9, 2015 at 8:19 PM, Chamila De Alwis <[email protected]> wrote:

> Hi,
>
> It seems I'm missing a small detail here. I'm running a BAM 2.4.1 server
> on a RHEL 6.4 setup. I've added the following rules in the iptables config
> and restarted the iptables and networking services. However the port 9443
> is not open to the outside.
>
> -A INPUT -m state --state NEW -m tcp -p tcp --dport 9443 -j ACCEPT
> -A OUTPUT -m state --state NEW -m tcp -p tcp --dport 9443 -j ACCEPT
>
> The iptables output is as follows.
>
> [root@wso2bam ~]# iptables -L -n
> Chain INPUT (policy ACCEPT)
> target     prot opt source               destination
> ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
> ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0
> ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
> ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
> REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited
> ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp spt:9443
>
> Chain FORWARD (policy ACCEPT)
> target     prot opt source               destination
> REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited
>
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
> ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:9443
>
> I can ssh in to the setup without any issue.
>
> Regards,
> Chamila de Alwis
> Software Engineer | WSO2 | +94772207163
> Blog: code.chamiladealwis.com
>
> _______________________________________________
> Dev mailing list
> [email protected]
> http://wso2.org/cgi-bin/mailman/listinfo/dev

--
Malith Munasinghe | Software Engineer
M: +94 (071) 9401122
E: [email protected]
W: http://wso2.com
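An added example, not part of the original messages: a small check over rules in the -A syntax used in the thread (the form iptables-save prints) that reports the two things visible in the INPUT listing above, a port matched as source rather than destination and an ACCEPT rule placed after a catch-all REJECT, since iptables evaluates a chain in order and stops at the first terminating match. The sample rule set is constructed from that listing, and the names audit_port and parse_rule are hypothetical.

```python
import shlex

# Constructed sample in iptables-save syntax, modelled on the listing in the
# thread. "-i lo" on line 3 is an assumption: "iptables -L -n" without -v
# does not print the interface a rule is bound to.
SAMPLE_RULES = """\
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -m state --state NEW -m tcp -p tcp --sport 9443 -j ACCEPT
"""

BLOCKING = {"DROP", "REJECT"}


def parse_rule(line):
    """Return (chain, target, match_tokens) for one '-A' line, else None."""
    tok = shlex.split(line) if line.startswith("-A ") else []
    if "-j" not in tok[2:-1]:
        return None
    j = tok.index("-j")
    return tok[1], tok[j + 1], tok[2:j]  # options after the target are not matches


def audit_port(rules_text, chain, port):
    """Report problems with ACCEPT rules for TCP `port` (no negation/multiport)."""
    port, findings, block, accepted = str(port), [], None, False
    for n, line in enumerate(rules_text.splitlines(), 1):
        rule = parse_rule(line)
        if rule is None or rule[0] != chain:
            continue
        _, target, match = rule
        if not match and target in BLOCKING and block is None:
            block = (n, target)  # rule without match conditions: nothing gets past it
        ports = {f: match[i + 1] for i, f in enumerate(match[:-1])
                 if f in ("--sport", "--dport")}
        if target != "ACCEPT" or port not in ports.values():
            continue
        if ports.get("--dport") != port:
            findings.append(f"line {n}: matches source port {port}, not destination")
        if block:
            findings.append(f"line {n}: unreachable, after {block[1]} on line {block[0]}")
        elif ports.get("--dport") == port:
            accepted = True
    if not accepted and not findings:
        findings.append(f"no ACCEPT rule for destination port {port}")
    return findings
```

Calling audit_port(SAMPLE_RULES, "INPUT", 9443) returns both findings for line 6; a --dport 9443 rule placed before the REJECT line returns an empty list.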
