Port open or not?

Question

I am trying to access the Atlassian Crowd server to configure it, which is listening on port 8095. I can access it from localhost. If I disable the firewall (iptables stop), I can access from a remote machine. If I start the firewall, I cannot access anymore.

I gave the following command:

iptables -I INPUT -p tcp --dport 8095 -j ACCEPT

If I run this command from localhost:

netstat -lnt | awk '$6 == "LISTEN" && $4 ~ ".8085"

I get a line as output:

tcp 0 0 :::8095 :::*

I used the same procedure for port 8090 (Atlassian Confluence) and it worked. Am I missing anything? Thanks.

---EDIT---

Output of iptables -nvL

Chain INPUT (policy DROP 93389 packets, 16M bytes)
 pkts bytes target     prot opt in     out     source               destination
 447K  163M ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
    0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x3F/0x00
  470 38583 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:!0x17/0x02 state NEW
 2666  160K ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
    5   200 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:80
    3   120 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:443
    4   184 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:25
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:465
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:110
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:995
   36  2160 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:8080
    6   312 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:8090
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:143
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:993

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 432K packets, 114M bytes)
 pkts bytes target     prot opt in     out     source               destination

I am using CentoOS

Try your `iptables -I INPUT ...` command again, and update the resulting ruleset. — MadHatter, Sep 26 '14 at 07:50
@MadHatter Yes, I did, but nothing changes: it is just ignoring my command. — Manu, Sep 26 '14 at 07:57

score 3 · Accepted Answer · edited Sep 26 '14 at 08:17

3

The rule is not in your iptables so as it stands the port is not open except on your loopback interface (line 4). Try running the command again. You might also want to insert it somewhere other than the beginning of the table too

iptables -I 5 INPUT -p tcp --dport 8095 -j ACCEPT

If his works then save the state of your firewall however your distro does this, for example on CentOS 6 you would

service iptables save

Other distros and OS versions do it differently. This will ensure that when you stop/start iptables the new rule is loaded too.

edited Sep 26 '14 at 08:17

MadHatter

78,442
20
178
229

answered Sep 26 '14 at 07:55

user9517

114,104
20
206
289

For some reason, running service iptables save resolved the issue. For the previous port rules (e.g. 8090) I don't remember of running that command, but just iptables restart. By the way, now it worked. Thanks. – Manu Sep 26 '14 at 08:04

Port open or not?

1 Answers1