Q: How do I open specific ports
without disabling the firewall?
A: RHEL by default prevents
external systems from connecting to any of the reserved port numbers
(0 to 1023). To open a specific port, update the firewall rules by
opening the specified port number by using the following commands:
For an ipchains-based firewall:
# ipchains -I input
-s 0/0 -d 0/0 <port number> -p tcp \
-y -j ACCEPT
# service ipchains
save
# service ipchains
restart
Example:
# ipchains -I input -s 0/0 -d 0/0 389 -p tcp -y -j ACCEPT
# service ipchains save
# service ipchains restart |
For an iptables-based firewall:
# iptables -I INPUT
-s 0/0 -d 0/0 -p tcp \
--dport <port number> --syn -j ACCEPT
# service iptables
save
# service iptables
restart
Example:
# iptables -I INPUT -s 0/0 -d 0/0 \-p tcp
--dport 389 --syn -j ACCEPT
# service iptables save
# service iptables restart
|
Q: How do
I disable SElinux settings?
A: Enter the following command
to open the SElinux configuration dialog and disable the SElinux:
# system-config-securitylevel
 |
| |
|
 | NOTE: The commands set the specified policy before any default policies.
This occurs because the first matching rule is applied to a datagram
received on a specific port. To filter out packets on a port, use
the same syntax for the command, and use the REJECT keyword in place of the ACCEPT keyword. |
|
| |
|
Q: How do I disable firewall
settings?
A: By default, RHEL has a firewall
enabled. This prevents external systems from accessing ports below
1024. Run the following command to open the firewall configuration
dialog and disable the firewall:
# system-config-securitylevel
|
| |
|
 | CAUTION: Disabling the firewall is not advisable. If any external applications
need to communicate with the system, open only those specific ports
for outside access rather than fully disabling the firewall. For details
on how to open a specific port for external programs, see the following
question and answers. |
|
| |
|
Printable version
