Re-enable IPTABLES Firewall
Posted: Tue Dec 07, 2010 1:57 pm
by smccloud
I'm going to throw my HDA into my router's DMZ to see if that makes it so I can access it tonight. What ports do I need to open in IPTABLES to let my HDA function correctly w/ it running?
Re: Re-enable IPTABLES Firewall
Posted: Tue Dec 07, 2010 2:13 pm
by DSMunky
If you run 'nmap localhost' this will tell you what ports are listening on your server. From there you can probably judge for yourself. Output of mine is:
Hostname localhost resolves to 2 IPs. Only scanned 127.0.0.1
rDNS record for 127.0.0.1: localhost.localdomain
Not shown: 989 closed ports
PORT STATE SERVICE
22/tcp open ssh
53/tcp open domain
80/tcp open http
111/tcp open rpcbind
139/tcp open netbios-ssn
445/tcp open microsoft-ds
3306/tcp open mysql
8080/tcp open http-proxy
8081/tcp open blackice-icecap
8200/tcp open unknown
50500/tcp open unknown
Nmap done: 1 IP address (1 host up) scanned in 0.17 seconds
So you would only want 3306 to be accessible from the localhost, 53 only to internal clients, 80 everything, etc.
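The approach in the post above, as an added example that is not part of the original thread: it reads `nmap` output and prints (without applying) a draft iptables ruleset using the three scopes the post names. The LAN subnet 192.168.1.0/24 and the default-drop policy are assumptions; ports the post does not classify are flagged for review and left blocked.

```shell
# Added example: turn `nmap localhost` output into a draft iptables ruleset.
# Assumptions (not from the thread): LAN is 192.168.1.0/24, INPUT defaults to DROP.
LAN="${LAN:-192.168.1.0/24}"

# Scope per port, following the post: 3306 local only, 53 LAN only, 80 public.
scope_for() {
    case "$1" in
        3306) echo local ;;
        53)   echo lan ;;
        80)   echo public ;;
        *)    echo review ;;   # the post leaves these for the admin to judge
    esac
}

# Reads nmap output on stdin and prints iptables commands; it does not run them.
# A default nmap scan lists TCP only, so UDP listeners are not covered here.
gen_rules() {
    echo "iptables -A INPUT -i lo -j ACCEPT"
    echo "iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # Keep only lines such as "3306/tcp open mysql" and split port from service.
    sed -n 's#^\([0-9][0-9]*\)/tcp  *open  *\(.*\)$#\1 \2#p' |
    while read -r port svc; do
        case "$(scope_for "$port")" in
            local)  echo "# $port ($svc): loopback only, covered by the lo rule" ;;
            lan)    echo "iptables -A INPUT -p tcp -s $LAN --dport $port -j ACCEPT" ;;
            public) echo "iptables -A INPUT -p tcp --dport $port -j ACCEPT" ;;
            review) echo "# REVIEW $port ($svc): stays blocked until you decide its scope" ;;
        esac
    done
    # Set the drop policy last so the accept rules are already in place.
    echo "iptables -P INPUT DROP"
}

# Constructed sample input, shaped like the scan in the post.
sample_scan() {
cat <<'EOF'
PORT STATE SERVICE
22/tcp open ssh
53/tcp open domain
80/tcp open http
3306/tcp open mysql
8200/tcp open unknown
EOF
}

sample_scan | gen_rules
```

Port 22 lands in the review group, so the draft would block remote SSH until its scope is decided.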
Re: Re-enable IPTABLES Firewall
Posted: Tue Dec 07, 2010 2:24 pm
by rgmhtt
> I'm going to throw my HDA into my router's DMZ to see if that makes it so I can access it tonight. What ports do I need to open in IPTABLES to let my HDA function correctly w/ it running?
iptables is NOT running. But ip6tables is:
# chkconfig --list|grep tables
ip6tables 0:off 1:off 2:on 3:on 4:on 5:on 6:off
iptables 0:off 1:off 2:off 3:off 4:off 5:off 6:off
Unless you are working with the Amahi firewall app.
Re: Re-enable IPTABLES Firewall
Posted: Tue Dec 07, 2010 2:28 pm
by smccloud
Well, I don't use IPv6 so I will be re-enabling IPTABLES.
Re: Re-enable IPTABLES Firewall
Posted: Tue Dec 07, 2010 2:33 pm
by rgmhtt
Make sure you know what you are doing with IPTABLES.
Consider adding Shorewall. It is a GREAT tool for managing iptables with a great degree of control. Like putting port limiting on SSHD.
I have run it on many systems I have managed in the past.
Re: Re-enable IPTABLES Firewall
Posted: Wed Dec 08, 2010 8:12 am
by smccloud
Helps if I check to see if the ports I'm forwarding are blocked by my ISP or not. Now to get a PPTP VPN running on my HDA.
Re: Re-enable IPTABLES Firewall
Posted: Wed Dec 08, 2010 9:30 am
by rgmhtt
I personally detest PPTP. But then I co-chaired IPsec in the IETF...