RE: opening a port..

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Thu, 2003-01-09 at 11:46, mdew wrote:
> On Thu, 2003-01-09 at 17:55, Dharmendra.T wrote:
> > On Thu, 2003-01-09 at 08:11, mdew wrote:
> > > On Thu, 2003-01-09 at 03:24, Rob Sterenborg wrote:
> > > > > ok, telnet from another machine to the router.
> > > > > 
> > > > > telnet 10.0.0.6 4662
> > > > > Trying 10.0.0.6...
> > > > > telnet: Unable to connect to remote host: Connection refused
> > > > > 
> > > > > what "service" should I be running? I simply want 4662 open both ways.
> > > > 
> > > > # netstat -an|grep 4662
> > > > should tell you if your box is listening at all on port 4662.
> > > > 
> > > > If you run eDonkey server on the firewall box, open port in the INPUT
> > > > chain.
> > > > If your eDonkey server is *behind* the firewall, open the port in the
> > > > FORWARD chain, and add a DNAT rule in the nat table -> PREROUTING chain.
> > > 
> > > the edonkey server is behind the firewall
> > > 
> > > 210.54.175.12--->eth0 (Router) 10.0.0.6(eth1)--->10.0.0.x
> > > 
> > > iptables -t nat -A PREROUTING -p tcp -i eth0 -d 210.54.175.12 --dport 4662 -j DNAT --to 10.0.0.6:4662
> > > 
> > 
> > This should work without the last rule.
> > 
> > iptables -A FORWARD -p tcp -i eth0 -d 10.0.0.6 --dport 4662 -j ACCEPT
> > > 
> > > like that?
> 
> the router isnt picking this up..
> 
> mdew:~# iptables -t nat -A PREROUTING -p tcp -i eth0 -d 210.54.175.12
> --dport 4662 -j DNAT --to 10.0.0.6:4662
> mdew:~# iptables -A FORWARD -p tcp -i eth0 -d 10.0.0.6 --dport 4662 -j
> ACCEPT
> mdew:~# netstat -an|grep 4662
> mdew:~#
> 
> mdew@nirvana:~$ nmap 10.0.0.6
> 
> Starting nmap V. 3.10ALPHA4 ( www.insecure.org/nmap/ )
> Interesting ports on debian (10.0.0.6):
> (The 1598 ports scanned but not shown below are in state: closed)
> Port       State       Service
> 22/tcp     open        ssh
> 25/tcp     open        smtp
> 110/tcp    open        pop-3
> 113/tcp    open        auth
> 135/tcp    filtered    loc-srv
> 139/tcp    filtered    netbios-ssn
> 8080/tcp   open        http-proxy
> 
> Nmap run completed -- 1 IP address (1 host up) scanned in 2.545 seconds
> > 
> 

As said you are not running any service on that port so the port is not
listening, Try the rules by listening a port using nc(netcat)

# nc -l -p 4662

And then run nmap. You should get listed this port!

-- 
Dharmendra.T
Linux Enthu
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux