Thread: IPTables now showing port open

  1. #1
    Join Date
    Jul 2008
    Beans
    17

    Question IPTables now showing port open

    Greetings all!

    Slowly, but surely, I am getting the hang of IPTables.

    I've set up to open certain UDP ports but they simply refuse to show when I iptables -L.

    iptables file:

    $IPT -A INPUT -p udp --dport 13000 -j ACCEPT
    $IPT -A INPUT -p udp --dport 13001 -j ACCEPT
    $IPT -A INPUT -p udp --dport 5060 -j ACCEPT
    $IPT -A INPUT -p udp --dport 5061 -j ACCEPT
    $IPT -A INPUT -p udp --dport 6060 -j ACCEPT
    $IPT -A INPUT -p udp --dport 6061 -j ACCEPT

    Output of iptables -L:

    Chain INPUT (policy DROP)
    target  prot  opt  source    destination
    pgl_in  all   --   anywhere  anywhere     state NEW mark match !0x14
    ACCEPT  all   --   anywhere  anywhere
    ACCEPT  tcp   --   anywhere  anywhere     tcp dpt:ssh
    ACCEPT  tcp   --   anywhere  anywhere     tcp dpt:xmpp-client
    ACCEPT  tcp   --   anywhere  anywhere     tcp dpt:55535
    ACCEPT  udp   --   anywhere  anywhere     udp dpt:55535
    ACCEPT  tcp   --   anywhere  anywhere     tcp dpt:55332
    ACCEPT  tcp   --   anywhere  anywhere     tcp dpt:5900
    ACCEPT  udp   --   anywhere  anywhere     udp dpt:5900
    ACCEPT  tcp   --   anywhere  anywhere     tcp dpt:39932
    ACCEPT  udp   --   anywhere  anywhere     udp dpt:2082
    ACCEPT  udp   --   anywhere  anywhere     udp dpt:sip
    ACCEPT  udp   --   anywhere  anywhere     udp dpt:sip-tls
    ACCEPT  udp   --   anywhere  anywhere     udp dpt:6060
    ACCEPT  udp   --   anywhere  anywhere     udp dpt:6061
    ACCEPT  udp   --   anywhere  anywhere     udp dpt:13000
    ACCEPT  udp   --   anywhere  anywhere     udp dpt:13001
    ACCEPT  all   --   anywhere  anywhere     state RELATED,ESTABLISHED


    It is annoying that 4 out of my defined 6 UDP ports are showing.

    So what am I missing here?

    Full IPTables file: http://paste.ubuntu.com/498615/
    Full 'iptables -L' output: http://paste.ubuntu.com/498617/

  2. #2
    Join Date
    Mar 2010
    Location
    Freedom 3
    Beans
    379
    Distro
    Ubuntu 9.10 Karmic Koala

    Re: IPTables now showing port open

    The lines with "sip" and "sip-tls" are your "missing" ports. You can verify it by doing:
    Code:
    grep '506[01]' /etc/services
    You may also supply the -n switch to iptables -L to show numbers instead of names.
    To suppress free speech is a double wrong. It violates the rights of the hearer as well as those of the speaker.
    Free Software - Free Society | The GNU Project | FSF | ESP
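
An added example, not part of the thread: the script below maps the service names that `iptables -L` prints back to port numbers and reports any wanted port that has no ACCEPT rule. The `/etc/services` excerpt is constructed, the listing rows are the UDP rules from the first post, and the function names `resolve_dpts` and `missing_ports` are hypothetical.

```shell
#!/bin/sh
# Constructed excerpt in /etc/services format (name, port/proto).
services_file=$(mktemp)
cat > "$services_file" <<'EOF'
ssh       22/tcp
sip       5060/tcp
sip       5060/udp
sip-tls   5061/tcp
sip-tls   5061/udp
EOF

# UDP rows copied from the `iptables -L` listing in the first post.
listing_file=$(mktemp)
cat > "$listing_file" <<'EOF'
ACCEPT udp -- anywhere anywhere udp dpt:sip
ACCEPT udp -- anywhere anywhere udp dpt:sip-tls
ACCEPT udp -- anywhere anywhere udp dpt:6060
ACCEPT udp -- anywhere anywhere udp dpt:6061
ACCEPT udp -- anywhere anywhere udp dpt:13000
ACCEPT udp -- anywhere anywhere udp dpt:13001
EOF

# resolve_dpts SERVICES_FILE < listing
# Prints "proto port" per ACCEPT rule; unknown names come out as "?name".
resolve_dpts() {
  awk '
    NR == FNR {                          # first file: the services table
      if ($0 ~ /^[ \t]*(#|$)/) next      # skip comments and blank lines
      split($2, pp, "/")
      port[$1 "/" pp[2]] = pp[1]         # e.g. port["sip/udp"] = 5060
      next
    }
    $1 == "ACCEPT" {                     # second input: the rule listing
      for (i = 4; i <= NF; i++) if ($i ~ /^dpt:/) {
        v = substr($i, 5)
        if (v !~ /^[0-9]+$/) v = ((v "/" $2) in port) ? port[v "/" $2] : "?" v
        print $2, v
      }
    }' "$1" -
}

# missing_ports SERVICES_FILE PROTO PORT... < listing
# Prints each wanted port that has no ACCEPT rule for PROTO.
missing_ports() {
  svc=$1 proto=$2; shift 2
  have=$(resolve_dpts "$svc")
  for p in "$@"; do
    printf '%s\n' "$have" | grep -qx "$proto $p" || echo "$p"
  done
}
```

On a live system the listing would come from `iptables -L INPUT` piped into `missing_ports /etc/services udp 5060 5061 ...`; with `-n`, as suggested above, the ports are already numeric and pass through unchanged.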

  3. #3
    Join Date
    Jul 2008
    Beans
    17

    Re: IPTables now showing port open

    Ah, that would make sense. I saw those but mentally just glossed over them without associating them. Thanks.

    Now I just have to figure out where the hold up is on my voip program not getting any sound (company said it's usually blocked UDP ports). So now that's cleared up, onto further troubleshooting!

    Thanks again.

    Don
