4

I am trying to set up PacketFence, but the switch is communicating on ports 1812 and 1813. I had made a fresh install of CentOS 7 and now I need to open the ports - I did some research but everyone said to open it via firewallD, which is not currently running on my system.

Should I start and configure it or is there any other way?

Thank you very much

Jesse_Pinkman

1 Answer

2

If you don't have a running firewall (firewalld or iptables), you don't need to open any ports on the firewall. All your ports are open by default. But be careful: if you run your system on the Internet it's a big security breach, so better install iptables or firewalld and open only the required ports.

Alexander Tolkachev
  • Well that is the problem - I didn't have any firewall and after I installed PacketFence only specific ports are opened. But I have no idea how to configure which are open, since iptables configuration in PacketFence folder does have 1812 and 1813 open - but nmap doesn't see them opened. – Jesse_Pinkman Mar 28 '17 at 06:44
  • You could check listening ports with the command `ss -ln`. – Alexander Tolkachev Mar 28 '17 at 08:11
  • I did, still - only UDP 1812 and 1813 are open and I need to have TCP 1812 and 1813 open - still no idea how to though – Jesse_Pinkman Mar 28 '17 at 12:36
  • @Jesse_Pinkman, maybe you have `iptables` installed? Could you check `systemctl status iptables`? If it is installed and running, you could open the ports with the commands: `iptables -t filter -A INPUT -p tcp -m state --state NEW -m tcp --dport 1812 -j ACCEPT` and `iptables -t filter -A INPUT -p tcp -m state --state NEW -m tcp --dport 1813 -j ACCEPT` – Alexander Tolkachev Mar 28 '17 at 14:19
  • I did have them installed, despite the version of CentOS being 7, but they did not have any current rules applied – Jesse_Pinkman Mar 28 '17 at 17:36
  • Execute `iptables-save` and you can see the rules that work now. – Alexander Tolkachev Mar 28 '17 at 18:01
  • I did that. What is interesting though - right after I restart the system, iptables -L shows the full set of the rules (with TCP 1812 and 1813 enabled) however, nmap says they are closed. And also when I check service iptables status command, it says it is loaded, but inactive. When I start it, all the rules disappear. It is a mystery to me how the PacketFence firewall works – Jesse_Pinkman Mar 30 '17 at 10:48
  • @Jesse_Pinkman, I checked the PacketFence documentation and found that it uses its own iptables instance. It is located in `/usr/local/pf/conf/iptables.conf`. – Alexander Tolkachev May 10 '17 at 15:38
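
The thread checks two separate things for ports 1812 and 1813: whether a firewall rule accepts the traffic (`iptables-save`) and whether any socket is listening (`ss -ln`). As an added example (not from the original posts), this script reports both per protocol from the text of those two commands. The sample data is constructed, the function names are hypothetical, and the rule match is simplified to `-A INPUT ... --dport N -j ACCEPT` lines, ignoring rule order, chain policy and multiport matches.

```shell
#!/bin/sh
# Added example: constructed sample data, not output from the poster's system.
SS_SAMPLE='Netid State   Recv-Q Send-Q Local Address:Port Peer Address:Port
udp   UNCONN  0      0      *:1812             *:*
udp   UNCONN  0      0      *:1813             *:*
tcp   LISTEN  0      128    *:22               *:*'
RULES_SAMPLE='*filter
:INPUT DROP [0:0]
-A INPUT -p udp -m udp --dport 1812 -j ACCEPT
-A INPUT -p udp -m udp --dport 1813 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 1812 -j ACCEPT
COMMIT'

# has_listener PROTO PORT SS_TEXT: succeeds if a socket of PROTO is bound to PORT.
has_listener() {
    printf '%s\n' "$3" | awk -v proto="$1" -v port="$2" '
        $1 == proto { n = split($5, a, ":"); if (a[n] == port) found = 1 }
        END { exit !found }'
}

# has_accept_rule PROTO PORT RULES_TEXT: succeeds if an INPUT rule accepts PROTO to PORT.
has_accept_rule() {
    printf '%s\n' "$3" | awk -v proto="$1" -v port="$2" '
        $1 == "-A" && $2 == "INPUT" {
            p = d = j = 0
            for (i = 3; i < NF; i++) {
                if ($i == "-p" && $(i+1) == proto) p = 1
                if ($i == "--dport" && $(i+1) == port) d = 1
                if ($i == "-j" && $(i+1) == "ACCEPT") j = 1
            }
            if (p && d && j) found = 1
        }
        END { exit !found }'
}

# port_state PROTO PORT SS_TEXT RULES_TEXT: prints listener and rule status on one line.
port_state() {
    l=no; r=no
    has_listener "$1" "$2" "$3" && l=yes
    has_accept_rule "$1" "$2" "$4" && r=yes
    echo "$1/$2 listener=$l accept_rule=$r"
}

# On a live host (as root): port_state tcp 1812 "$(ss -ln)" "$(iptables-save)"
for proto in udp tcp; do
    for port in 1812 1813; do
        port_state "$proto" "$port" "$SS_SAMPLE" "$RULES_SAMPLE"
    done
done
```

For TCP, a port that has an accept rule but no listening socket still shows as closed to a scanner such as nmap.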