Re-enable IPTABLES Firewall

Post by smccloud » Tue Dec 07, 2010 1:57 pm

I'm going to throw my HDA into my router's DMZ to see if that makes it so I can access it tonight. What ports do I need to open in IPTABLES to let my HDA function correctly w/ it running?

Post by DSMunky » Tue Dec 07, 2010 2:13 pm

If you run 'nmap localhost' this will tell you what ports are listening on your server. From there you can probably judge for yourself. Output of mine is:

Hostname localhost resolves to 2 IPs. Only scanned 127.0.0.1
rDNS record for 127.0.0.1: localhost.localdomain
Not shown: 989 closed ports
PORT      STATE SERVICE
22/tcp    open  ssh
53/tcp    open  domain
80/tcp    open  http
111/tcp   open  rpcbind
139/tcp   open  netbios-ssn
445/tcp   open  microsoft-ds
3306/tcp  open  mysql
8080/tcp  open  http-proxy
8081/tcp  open  blackice-icecap
8200/tcp  open  unknown
50500/tcp open  unknown

Nmap done: 1 IP address (1 host up) scanned in 0.17 seconds

So you would only want 3306 to be accessible from the localhost, 53 only to internal clients, 80 to everything, etc.
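
The exposure choices in the post above (3306 from localhost only, 53 for internal clients, 80 for everyone), written out as an added example that is not part of the original thread: a shell script that prints a default-deny ruleset in iptables-restore format. The LAN range 192.168.1.0/24 and the names `scope_of` and `gen_rules` are assumptions.

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset; nothing is applied.

# TCP ports reported open by the nmap run quoted in the post above.
LISTENING="22 53 80 111 139 445 3306 8080 8081 8200 50500"

# port:scope pairs. These three are the decisions the post states. Any port
# not listed is "local" (loopback only), which includes 22/ssh and
# 139,445/Samba: add the services you rely on before loading the rules.
POLICY="80:any 53:lan 3306:local"

# scope_of PORT -> any | lan | local
scope_of() {
    for entry in $POLICY; do
        if [ "${entry%%:*}" = "$1" ]; then
            printf '%s\n' "${entry#*:}"
            return 0
        fi
    done
    printf 'local\n'
}

# gen_rules LAN_CIDR -> ruleset on stdout
gen_rules() {
    lan=$1
    printf '%s\n' "*filter" ":INPUT DROP [0:0]" ":FORWARD DROP [0:0]" \
        ":OUTPUT ACCEPT [0:0]" \
        "-A INPUT -i lo -j ACCEPT" \
        "-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    for port in $LISTENING; do
        case $(scope_of "$port") in
            any) printf '%s\n' "-A INPUT -p tcp --dport $port -j ACCEPT" ;;
            lan) printf '%s\n' "-A INPUT -s $lan -p tcp --dport $port -j ACCEPT"
                 # DNS is mostly UDP, which a default (TCP) nmap scan omits.
                 if [ "$port" = 53 ]; then
                     printf '%s\n' "-A INPUT -s $lan -p udp --dport 53 -j ACCEPT"
                 fi ;;
            local) ;;  # no rule: loopback is accepted above, the rest is dropped
        esac
    done
    printf '%s\n' "COMMIT"
}

# 192.168.1.0/24 is an assumed LAN range; pass your own as the first argument.
gen_rules "${1:-192.168.1.0/24}"
```

Pipe the output through `iptables-restore --test` to have it parsed without being loaded.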

Post by rgmhtt » Tue Dec 07, 2010 2:24 pm

> I'm going to throw my HDA into my router's DMZ to see if that makes it so I can access it tonight. What ports do I need to open in IPTABLES to let my HDA function correctly w/ it running?

iptables is NOT running. But ip6tables is:

# chkconfig --list|grep tables
ip6tables 0:off 1:off 2:on 3:on 4:on 5:on 6:off
iptables 0:off 1:off 2:off 3:off 4:off 5:off 6:off

Unless you are working with the Amahi firewall app.

Post by smccloud » Tue Dec 07, 2010 2:28 pm

Well, I don't use IPv6 so I will be re-enabling IPTABLES.

Post by rgmhtt » Tue Dec 07, 2010 2:33 pm

Make sure you know what you are doing with IPTABLES.

Consider adding Shorewall. It is a GREAT tool for managing iptables with a great degree of control. Like putting port limiting on SSHD.

I have run it on many systems I have managed in the past.

Post by smccloud » Wed Dec 08, 2010 8:12 am

Helps if I check to see if the ports I'm forwarding are blocked by my ISP or not. Now to get a PPTP VPN running on my HDA.

Post by rgmhtt » Wed Dec 08, 2010 9:30 am

I personally detest PPTP. But then I co-chaired IPsec in the IETF...
