Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I have server instance running on amazon ec2. I want to forward from port 80 to 8080 using iptables. Which works fine until restart when it stops forwarding. I have used
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to 8080
to set up fowarding. What do I need to do to make it persistant?
Thanks
I found a good blog post explaining how to do it
https://help.ubuntu.com/community/IptablesHowTo
You have to run your firewall rules at boot time.
Related
Closed. This question is not about programming or software development. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 4 days ago.
Improve this question
I have a remote server (server A) that listens on port 9414 and I have another server (server B) that needs to connect to server A on that port, but the application on server B can only send requests to port 9623 and I need to set that any outbound requests sent to port 9623 will actually be sent to port 9414, like an alias port, nothing is listening on port 9623 in server A but still from my application side everything has to be sent supposedly to port 9623.
I have tried with firewalld:
sudo firewall-cmd --permanent --add-forward-port=port=9623:proto=tcp:toport=9414
and tried with iptables:
sudo iptables -t nat -A OUTPUT -p tcp --dport 9623 -j REDIRECT --to-port 9414
or:
sudo iptables -t nat -A PREROUTING -p tcp --dport 9623 -j REDIRECT --to-port 9414
Still no matter which rule I used, telnet to the remote server on port 9414 works, but on port 9623 fails with:
telnet: Unable to connect to remote host: Connection refused
Is there a different rule I could apply to make that port forwarding work?
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 years ago.
Improve this question
I want to change VestaCP admin default port 8083 to 8342
I was edit editor
/usr/local/vesta/nginx/conf/nginx.conf
and change to
# Vhost
server {
listen 8083;
to
# Vhost
server {
listen 8342;
and run command
> service vesta restart
but its not working.
Log into your Vesta Control Panel
Go to Firewall, add new port (for example 1234) to "Vesta" Rule (default 8083), like so:
3. Log into the server via ssh
4. sudo nano /usr/local/vesta/nginx/conf/nginx.conf
locate listen 8083; and replace it with listen 1234;
5. Go back to vesta firewall rule, remove the old port and leave only the new.
6. sudo service vesta restart
That's it
First step:
v-update-sys-vesta-all
Second step:
sed -i 's/8083;/1111;/' /usr/local/vesta/nginx/conf/nginx.conf && v-add-firewall-rule ACCEPT 0.0.0.0/0 1111 TCP && service vesta restart
I am using HestiaCP, a fork of VestaCP. This fork has a new CLI command
v-change-sys-port
that you can use to change the port in a split second. Check this link https://angelright.com/184/how-to-customize-hestia-fork-of-vesta-debian-9 to see how it works.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 6 years ago.
Improve this question
I am trying to change default port of SSH from 22 to 2292, Host: RHEL 7.1
I have tried:
1)vi /etc/ssh/sshd_config
#Port 22
Port 2292
2)reboot
Error
ssh -p 2292 root#lrmi079.pll.domin.com
ssh: connect to host lrmi079.pll.domin.com port 2292: No route to host
but ping to the host works
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
Please help
It's possible that this new port 2292 is not open on your RHEL 7.1 host and the inbuilt firewall (also known as iptables) is declining the connectivity.
Check the current firewall rules:
$ sudo iptables -L
To open up a new port - port 2292 - in your case:
$ sudo firewall-cmd --zone=public --add-port=2292/tcp --permanent
$ sudo firewall-cmd --reload
Check the updated rules:
$ firewall-cmd --list-all
Let me know if it worked.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 4 years ago.
Improve this question
I have installed and web application which is running on port 8080 on RHEL (centOS). I only have command line access to that machine. I have tried to access that application from my windows machine from which I am connected to server via command-line, but it is giving connection time out error.
Then I have tried to open port 8080. I have added following entry into the iptables.
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT
After adding this into the iptables I have restarted it with -
/etc/init.d/iptables restart
But still I am not able to access that application from my windows machine.
Am I doing any mistake or missing something?
The following configs works on Cent OS 6 or earlier
As stated above first have to disable selinux.
Step 1
nano /etc/sysconfig/selinux
Make sure the file has this configurations
SELINUX=disabled
SELINUXTYPE=targeted
Then restart the system
Step 2
iptables -A INPUT -m state --state NEW -p tcp --dport 8080 -j ACCEPT
Step 3
sudo service iptables save
For Cent OS 7
step 1
firewall-cmd --zone=public --permanent --add-port=8080/tcp
Step 2
firewall-cmd --reload
First, you should disable selinux, edit file /etc/sysconfig/selinux so it looks like this:
SELINUX=disabled
SELINUXTYPE=targeted
Save file and restart system.
Then you can add the new rule to iptables:
iptables -A INPUT -m state --state NEW -p tcp --dport 8080 -j ACCEPT
and restart iptables with /etc/init.d/iptables restart
If it doesn't work you should check other network settings.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
I'm using Plesk 10.3.1.
I have some settings made in the Plesk Firewall Tool:
The Plesk Panel (port 8443) is only accessable from defined IPs.
SSH is open for all (not for root and on an ohter port)
Now, when I have an IP which is not allow for plesk panel I cant login.
So I connect to SSH and want add my current IP to the iptables rules, how to do that
or where is the needed file?
how can I edit (where is the file?) and restart the current iptables rules generated with the plesk firewall script/tool in the console?
plesk 10.3 dont use /etc/sysconfig/iptables file, this is empty or only has standard config ...
best,
From what little I know, Plesk stores the firewall configuration in /sbin/iptables for Ubuntu.
I followed this Firewall logging tutorial which explains how to add a new iptables set of rules.
I'm wary to give you specific advice as you can knacker yourself very quickly with iptables.
However running $ /sbin/iptables --line-numbers -nL is a good place to start which will show you the existing iptables rules that you have.