Hi Malith, Thanks for pointing that out. However after fixing the line to dport I still can't telnet to the port.
Regards, Chamila de Alwis Software Engineer | WSO2 | +94772207163 Blog: code.chamiladealwis.com On Tue, Mar 10, 2015 at 10:14 AM, Malith Munasinghe <[email protected]> wrote: > Hi Chamila, > > While giving the INPUT rule I think the command might have been mistakenly > typed as > > -A INPUT -m state --state NEW -m tcp -p tcp --sport 9443 -j ACCEPT > > because the iptables shows the port 9443 as a source port. > > ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp spt:9443 > > try entering the INPUT rule again. As of my knowledge in order to allow > access from outside the port should be a destination port. > > Thanks, > > On Mon, Mar 9, 2015 at 8:19 PM, Chamila De Alwis <[email protected]> > wrote: > >> Hi, >> >> It seems I'm missing a small detail here. I'm running a BAM 2.4.1 server >> on a RHEL 6.4 setup. I've added the following rules in the iptables config >> and restarted the iptables and networking services. However the port 9443 >> is not open to the outside. >> >> -A INPUT -m state --state NEW -m tcp -p tcp --dport 9443 -j ACCEPT >> -A OUTPUT -m state --state NEW -m tcp -p tcp --dport 9443 -j ACCEPT >> >> The iptables output is as follows. >> >> [root@wso2bam ~]# iptables -L -n >> Chain INPUT (policy ACCEPT) >> target prot opt source destination >> ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state >> RELATED,ESTABLISHED >> ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 >> ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 >> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW >> tcp dpt:22 >> REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with >> icmp-host-prohibited >> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW >> tcp spt:9443 >> >> Chain FORWARD (policy ACCEPT) >> target prot opt source destination >> REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with >> icmp-host-prohibited >> >> Chain OUTPUT (policy ACCEPT) >> target prot opt source destination >> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW >> tcp dpt:9443 >> >> >> I can ssh in to the setup without any issue. >> >> Regards, >> Chamila de Alwis >> Software Engineer | WSO2 | +94772207163 >> Blog: code.chamiladealwis.com >> >> >> >> _______________________________________________ >> Dev mailing list >> [email protected] >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > Malith Munasinghe | Software Engineer > M: +94 (071) 9401122 > E: [email protected] > W: http://wso2.com >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
