Shadowchaser Posted June 10, 2005 Report Share Posted June 10, 2005 Hello all, I've been beating my head against a wall trying to figure out how to open to spefic port on my LE2005 machine. I have shorewall running with the option xxxxx/tcp but with i run a port scanner on my system it says that port xxxxx is stealth.. usually this would be good but i need this port open. At first i though it was a NAT problem but i have my Router setup correctly with port forwarding. any idea's ???? Ps Congrats to A.I. on being a new Forum Mod ShadowChaser [moved from Software by spinynorman] Quote Link to comment Share on other sites More sharing options...
aioshin Posted June 10, 2005 Report Share Posted June 10, 2005 at mcc - security - firewall... then click advance, you can specify other ports that you want to be open there (i think, if they have'nt change it, since i still using 10.1 and you are reffering to LE'05) Quote Link to comment Share on other sites More sharing options...
ddmcse Posted June 10, 2005 Report Share Posted June 10, 2005 edit /etc/hosts.allow ALL:ALL opens every port for every pc so you might not want it that extreme you need to figure out what ports/pc's you want open Quote Link to comment Share on other sites More sharing options...
Shadowchaser Posted June 10, 2005 Author Report Share Posted June 10, 2005 ddmcse, So i should add the port number to host.allow or do i need to add the IP address? do add xxxx/tcp or 127.0.0.1 xxxx/tcp ??? still a little confused :unsure: Quote Link to comment Share on other sites More sharing options...
Shadowchaser Posted June 12, 2005 Author Report Share Posted June 12, 2005 ? Quote Link to comment Share on other sites More sharing options...
ddmcse Posted June 12, 2005 Report Share Posted June 12, 2005 (edited) the easiest is to use ALL:ALL and let your external router handle the rest of the port blocking edit hosts.allow to let all into SSH daemon, Sendmail and our ident daemon: identd: ALL sendmail: ALL sshd: ALL Don't use above example if you don't like allowing anyone to access the Sendmail daemon, ssh daemon and/or ident daemon. If you'd like to have hosts on your intranet access to your POP3 daemon, but not anyone else you can do something like this in hosts.allow: popa3d: 127.0.0.1 192.168.0. With this rule access is granted to our POP3 daemon popa3d from localhost and the "192.168.0." IP range. You can read "192.168.0." like 192.168.0.*, 192.168.0.1 - 192.168.0.254, or 192.168.0.0/24. It comes down to 254 IP addresses that start with "192.168.0". More information More information can be obtained by reading the following man pages: - hosts_access(5) - hosts_options(5) - tcpd(8) Edited June 12, 2005 by ddmcse Quote Link to comment Share on other sites More sharing options...
Shadowchaser Posted June 13, 2005 Author Report Share Posted June 13, 2005 Thanks for the info. :) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.