On 11/02/2009 09:36 AM Rob Kampen wrote: > ken wrote: >> On 10/31/2009 04:10 AM Tony Molloy wrote: >> >>> On Saturday 31 October 2009 07:48:05 hadi motamedi wrote: >>> >>>> Dear All >>>> To open a port , I know that I need to go to "System -> >>>> Administration -> >>>> Security Level and Firewall" -> Other ports and then I can open >>>> port-5901 >>>> as tcp protocol . Can you please do me favor and let me know how it >>>> can be >>>> done from the command line (if my CentOS is text-mode installed) ? >>>> (perhaps >>>> via iptables?) >>>> Let me thank you in advance >>>> >>> Edit /etc/sysconfig/iptables >>> >>> Restart iptables with service iptables restart >>> >>> Tony >>> >> >> My /etc/sysconfig/iptables states at the top that editing of it is not >> recommended. Yeah, I don't always follow such recommendations myself, >> but is there perhaps another way more in keeping with the sense of the >> application? >> > Yeah, editing directly can be risky, nothing worse than making a change > only to find that access to your server just disappeared and you need to > get in front of it to reset via the console.... > I use webmin for most of my edits, only make it accessible from the LAN > and not the WAN. You can always tunnel the :10000 port via ssh and > access securely from a remote location. > The webmin console is left open while I test, thus I have not yet > tripped up on this though I can imagine it is not fool proof. > HTH > Rob Rob, Sounds like you've thought through the process and have a well-planned strategy for failure-prevention. Cool. I checked my port 10000 (ssh -p 10000 ...) and found it not available ("Connection refused"). So in what sense, or how, can I always tunnel it? tnx. _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos