Can't open ports
I am trying to open ports for 30120 & 30110, and I used the firewall, but I went to a port checker website and it keeps saying it's not open. Can anyone help? Here is what my firewall status looks like. https://gyazo.com/4437fbbf9b0a91fa3e9312c3ec67466b
7 Replies
I'm sorry to hear that you are having some trouble setting your firewall rules up. There are a few things you can do to troubleshoot the issue using iptables.
1. List
First, you can get an idea of your current rules by using the iptables command with the -L or --list option.
sudo iptables -L
2. Save
Then, you will want to save your current rules.
sudo iptables-save > /root/firewall.rules
3. Flush
Then, you can get a fresh start by flushing all of your current rules like so:
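# Set the default policies to ACCEPT first: flushing while a policy is DROP
# would cut off a remote SSH session before the policy lines run.
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X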
4. Set Ruleset
Next, you can configure rules for the specific ports that you would like open. In this case, you are asking about 30120 and 30110, but you can add other ports using the same syntax.
iptables -I INPUT -p tcp --dport 30120 -j ACCEPT
iptables -I INPUT -p tcp --dport 30110 -j ACCEPT
5. Deploy
This process will differ based on the Linux distribution you are running. Consult this section of our iptables guide for specifics.
6. Set to Persist
Finally, you will want to set your rules to persist a system reboot, and you can read more about this step in the iptables guide as well.
Hope this helps, and feel free to reply to this post with any additional questions!
Please note that these rules can be applied to IPv6 by making a few adjustments that are mentioned in the above guide.
Thanks, but I did that, and I rebooted it too, followed the guide through, and I checked on the website again and said both ports were still closed. I'm not sure.
That's a head scratcher.
What services do you have listening on ports 30120 and 30110? If there are no services listening, the ports are effectively closed, regardless of firewall configuration. You can confirm what services are listening with:
netstat -plunt
This forum post may explain it better than I can:
https://security.stackexchange.com/questions/73133/what-problems-if-any-are-caused-by-opening-a-port-in-the-firewall-that-no-progra
I hope this helps!
It's for a game server, and I checked it again and port 30120 is open, but 30110 isn't. Not sure.
So I'm pretty sure I did everything right, I needed TCP & UDP for both ports, and I did that. And it says port 30120 is open, but still doesn't say 30110 is open. Any ideas? This is causing a problem for me as people aren't able to connect to my server.
@Curly from the information that you've provided so far, it sounds to me like the firewall isn't the issue here. Here's a breakdown of a methodical way to approach troubleshooting:
External Diagnostics
When you say "I checked it again and port 30120 is open, but 30110 isn't", this gives me the impression that you're using a tool like Nmap to externally determine your Linode's port accessibility. For example, you could run the following Nmap command from a separate source to help diagnose accessibility issues:
nmap -v -p 30110,30120 --reason $ipaddress
Nmap's own documentation is an excellent resource for interpreting outputs, and there are plenty of other helpful guides for using Nmap out there.
Internal Diagnostics
While diagnostic tools like Nmap will help you understand where the problem is, being external by nature, they won't help you actually fix it. That's where the command suggested by @bleckemby comes into play, which you'd run directly from your Linode via SSH, Lish, or other remote connection.
Netstat prints information about the Linux networking subsystem and will display a list of open sockets listening over TCP/UDP, along with the PID and name of the program to which each socket belongs and numerical addresses (instead of trying to determine symbolic host, port or user names). You can find all this info from the netstat manpage.
The output (which should be run with sudo) will confirm which ports your game server is listening on for incoming traffic. Here's an example output to give you an idea of what to look for:
$ sudo netstat -plunt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1832/nginx -g daemo
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1790/sshd
This output shows that I have nginx and sshd listening for tcp traffic over ports 80 and 22, respectively. If you don't see any Local Address results for $ipaddress:30110, that means that your game server isn't listening for traffic over that port. Circling back to Nmap diagnostics, in this situation where your firewall isn't filtering traffic over port 30110, Nmap would report that this port is closed.
Fixing the Problem
The result from your internal diagnostic should determine what to do next. If netstat shows that your game server is listening over port 30110, then there is likely some network or other internal configuration issue that is preventing external traffic directed to that port from reaching your application. You might have to dig into the specific ways your Linux distribution handles networking in order to resolve these issues.
If netstat does not show that you're listening over port 30110, then that's most certainly a problem with the way your game server is configured or behaving, and where you should be focusing your troubleshooting efforts.
Hope this helps! Feel free to share command outputs (make sure to anonymize them so you don't unintentionally expose your Linode's details) or further questions on troubleshooting this issue.
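Added example (not part of the original replies): a shell sketch of the decision the two replies above describe, combining the listeners shown by netstat -plunt with the state an external scan reported. It goes one step beyond the thread by also flagging a service bound only to loopback; the netstat sample and the "gamesrv" program name are constructed.

```shell
#!/bin/sh
# Added example: decide where to look next from `netstat -plunt` output plus
# the state an external scan reported for the port.

# Constructed sample of `sudo netstat -plunt` output (hypothetical "gamesrv").
SAMPLE_NETSTAT='Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address     Foreign Address State  PID/Program name
tcp   0      0      0.0.0.0:22        0.0.0.0:*       LISTEN 1790/sshd
tcp   0      0      0.0.0.0:30120     0.0.0.0:*       LISTEN 2210/gamesrv
udp   0      0      0.0.0.0:30120     0.0.0.0:*              2210/gamesrv
tcp   0      0      127.0.0.1:30110   0.0.0.0:*       LISTEN 2210/gamesrv'

# listen_state PROTO PORT   (netstat output on stdin)
# Prints one of: none | loopback | external
listen_state() {
    awk -v proto="$1" -v port="$2" '
        $1 ~ ("^" proto) {                    # tcp also matches tcp6, udp matches udp6
            n = split($4, part, ":")          # port is whatever follows the last ":"
            if (part[n] != port) next
            addr = substr($4, 1, length($4) - length(part[n]) - 1)
            if (addr == "127.0.0.1" || addr == "::1") {
                if (state == "") state = "loopback"
            } else state = "external"
        }
        END { if (state == "") state = "none"; print state }'
}

# diagnose PROTO PORT SCAN_STATE   (netstat output on stdin)
# SCAN_STATE is what the external scan reported: open, closed or filtered.
diagnose() {
    case "$(listen_state "$1" "$2"):$3" in
        none:*)        echo "no-listener: fix the service, not the firewall" ;;
        loopback:*)    echo "loopback-only: service is not bound to a public address" ;;
        external:open) echo "ok: reachable" ;;
        external:*)    echo "listening-but-blocked: check firewall and network path" ;;
    esac
}

# Run as `sh script.sh demo` to walk the constructed sample.
if [ "${1:-}" = "demo" ]; then
    for port in 30120 30110 30130; do
        printf '%s/tcp -> ' "$port"
        printf '%s\n' "$SAMPLE_NETSTAT" | diagnose tcp "$port" closed
    done
fi
```

On a real host, replace the sample with live output, for example: sudo netstat -plunt | diagnose udp 30110 closed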
Port 25 is blocked on my Linode.
Support says all blocking has been lifted.
Don't use firewall.
Only port http, httpd and ssh are open.
What is blocking port 25?
How could I open it?