How to use iptables to open a port.

legendofthor
Posts: 219
Joined: Thu 17 May 2007, 06:52
Location: Queensland Australia


#1 Post by legendofthor »

G'day,
Sometimes a programme is not able to run as the Linux firewall has restricted its access due to a closed port. Well, here's a workaround that works for me.
This code will open port 2234 for you:

Code:

iptables -A INPUT -i eth1 -p tcp --sport 2234 -m state --state ESTABLISHED -j ACCEPT

If a programme requires a particular port to be opened, such as Nicotine, you can make a simple script that opens the port and executes the programme. E.g.:

Code:

#!/bin/sh
iptables -A INPUT -i eth1 -p tcp --sport 2234 -m state --state ESTABLISHED -j ACCEPT
/usr/bin/nicotine

This will open port 2234 and run the Nicotine programme. This works for me.

Remember that some programmes require multiple ports to be opened. Just add extra iptables lines and the required port.

Cheers
Martin

PS: Sometimes your programme still won't be able to access the internet - this may be due to:
1. It requires extra ports to be opened or
2. Modem firewall is blocking.

Security does not appear compromised with this procedure - I went to ShieldUp! to test and it came back as stealthed.
Toowoomba Linux Users Group http://groups.google.com/group/toowoombalinux

legendofthor
Posts: 219
Joined: Thu 17 May 2007, 06:52
Location: Queensland Australia

#2 Post by legendofthor »

To find out what programmes are accessing ports, type in Terminal:

Code:

netstat -nlp

Thanks to trapster for this info.

To check if the port has opened from the first post, type:

Code:

iptables -L

Cheers
Martin
Toowoomba Linux Users Group http://groups.google.com/group/toowoombalinux

fat.tuesday
Posts: 4
Joined: Sun 06 Mar 2011, 10:55

nicotine install

#3 Post by fat.tuesday »

When I type the code to open the port 2234:
#!/bin/sh
iptables -A INPUT -i eth1 -p tcp --sport 2234 -m state --state ESTABLISHED -j ACCEPT
/usr/bin/nicotine

I receive this message:
Error: Symbol iptables is not defined in current scope (tmpfile):1:
Error: Symbol AINPUT is not defined in current scope (tmpfile):1:
Error: Symbol ieth1 is not defined in current scope (tmpfile):1:
Error: Symbol ptcp is not defined in current scope (tmpfile):1:
Error: Symbol sport2234 is not defined in current scope (tmpfile):1:
Error: Symbol mstate is not defined in current scope (tmpfile):1:
Error: Symbol stateESTABLISHED is not defined in current scope (tmpfile):1:
Error: Symbol jACCEPT is not defined in current scope (tmpfile):1:
(const int)0
*** Interpreter error recovered ***

What should I do?
Could you reply to me in my email? Then I keep it, and if some friends need it I give it to them... thanks in advance

fat.tuesday
Posts: 4
Joined: Sun 06 Mar 2011, 10:55

#4 Post by fat.tuesday »


Flash
Official Dog Handler
Posts: 13071
Joined: Wed 04 May 2005, 16:04
Location: Arizona USA

#5 Post by Flash »

Please don't do that, especially not in the How to section. The forum is not just for you to solve problems, it is also for other people to learn from the solution to your problems. If you want to send someone an email with the solution, send them a link to this thread in the forum. :)

fat.tuesday
Posts: 4
Joined: Sun 06 Mar 2011, 10:55

#6 Post by fat.tuesday »

OK... but could you tell me how to do it then? Because I'm using Ubuntu 10.10 and maybe... I don't know, but if you know how, tell me.

fat.tuesday
Posts: 4
Joined: Sun 06 Mar 2011, 10:55

#7 Post by fat.tuesday »

Is it possible to configure Nicotine to allow port 2234 to the Nicotine server only and use it safely?

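The wrapper script from post #1, reworked so that the rule is added only once and removed again when the programme exits, with an optional source address that limits it to one peer as post #7 asks. This is an added example, not code from the thread: the function names, the IPTABLES override and the address 192.0.2.10 are assumptions. The rule text is the one posted above, which matches packets arriving from remote port 2234 on connections that are already established.

```shell
#!/bin/sh
# Added example, not from the thread. Function names and the IPTABLES
# override (used to substitute a stub when testing) are assumptions.
IPTABLES=${IPTABLES:-iptables}

# Print the rule from post #1 without the "iptables -A" prefix.
# $1 = port, $2 = interface, $3 = optional peer address to limit the rule to.
rule_spec() {
    spec="INPUT -i $2"
    if [ -n "${3:-}" ]; then spec="$spec -s $3"; fi
    printf '%s\n' "$spec -p tcp --sport $1 -m state --state ESTABLISHED -j ACCEPT"
}

# Append the rule only when -C (check) reports that it is not already loaded,
# so repeated runs do not stack duplicate entries in the INPUT chain.
# $1 is left unquoted on purpose so that it splits into separate arguments.
add_rule() {
    $IPTABLES -C $1 2>/dev/null || $IPTABLES -A $1
}

# Delete the rule; a rule that is already gone is not treated as an error.
del_rule() {
    $IPTABLES -D $1 2>/dev/null || true
}

# with_port PORT IFACE PEER COMMAND...   (pass "" as PEER for any source)
with_port() {
    active_spec=$(rule_spec "$1" "$2" "$3")
    shift 3
    add_rule "$active_spec"
    trap 'del_rule "$active_spec"' EXIT   # remove the rule when the script ends
    trap 'exit 1' INT TERM                # make Ctrl-C reach the EXIT trap too
    "$@"
}

# Runs only when called with arguments (needs root), for example:
#   ./nicotine-port.sh 2234 eth1 "" /usr/bin/nicotine
#   ./nicotine-port.sh 2234 eth1 192.0.2.10 /usr/bin/nicotine   (constructed address)
if [ "$#" -ge 4 ]; then
    with_port "$@"
fi
```

Afterwards, `iptables -L INPUT -n -v --line-numbers` lists the chain with packet counters, which shows whether the rule is present and whether any traffic has matched it.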