How to Open the Network Ports on the Firewall of a Linux Server


Time for some server maintenance! In this article we will show you how to open ports on your Linux server's firewall. This can be very useful, but also dangerous, so make sure you know which port you are going to open. Hackers can use these ports to break into your computer, so be careful! "Why then should I ever open ports?" The explanation is simple: do you want to run a streaming radio program on your website? Then you will have to open ports and listen on them, otherwise it will not work! The steps necessary to open ports are the same as those to follow to close them or to move the open ports. In this way, the bot programs that scan the network for open ports among the most commonly used ones will not find any on your computer. In this tutorial, we will use CSF Firewall (ConfigServer Security & Firewall), a powerful and easy-to-use Linux server firewall. In this example we will open port 8001.

Steps


Step 1. Log in to your server via SSH as root:

[root@yourserver] ~ >>


Step 2. Navigate to the folder where the CSF configuration file is located:

  • [root@yourserver] ~ >> cd /etc/csf
  • Hit enter.
  • Note: This is the folder where CSF keeps all its files, not just the configuration file.


Step 3. Open the configuration file so you can edit it using an editor such as “Vim”

You can of course use another editor, but in this article we will only show the “Vim” commands.

  • [root@yourserver] csf >> vim csf.conf
  • Hit enter.
  • Note: This file contains many security settings that you can change as needed, but which will not be covered in this article. To find out what each setting does, read the comments in the file.
  • Once you open the file, you will see the "TCP_IN" and "TCP_OUT" sections, similar to this:

Step 4. Allow inbound TCP traffic

  • TCP_IN = "20,21,1122,25,26,53,80,110,143,443,465,587,993,995,2077,2078,2082,2083,2086,2087,2095,2096,8000"


Step 5. Allow outbound TCP traffic

  • TCP_OUT = "20,21,1122,25,37,43,53,80,110,113,443,587,873,2087,2089,2703,8000"

All of these numbers are the currently “open” ports on your server. Your file will most likely be different, so don't be scared! This depends on the configuration of the server.


Step 6. Scroll down until you see the number 8000; this is where we are going to add our port

  • 2095,2096,8000"

In Vim, we will need some special commands. Press (i) on your keyboard; this enters Vim's "Insert" mode so that you can add text.


Step 7. Enter the port number:

  • 2095,2096,8000,8001"

Do the same for the TCP_OUT section.


Step 8. When done, hold down the (Ctrl) key on your keyboard and press the left bracket key ([)

This will take you out of Vim's "Insert" mode.


Step 9. Save and exit the file

Hold down the (Shift) key and press (;). At the bottom, a colon (:) and a blinking cursor should appear.


Step 10. Type the letters (w) and (q), without spaces

These letters stand for "write" and "quit".


Step 11. Restart the firewall to apply the changes

  • [root@yourserver] csf >> service csf restart
  • Hit enter.
  • You will see this:


Step 12. Stopping CSF


Step 13. After that, you will see a bunch of IP addresses appear on the screen if they are blacklisted or whitelisted

Do not worry! These are all IPs that have been blacklisted or whitelisted and are being put back into the firewall. It will only take five seconds (unless the list is really long).

Step 14. After that, you are done
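
The edit from steps 4 to 7, scripted so it is repeatable, as an added example (not part of the original article or of CSF): it validates the port, skips it if it is already listed, and keeps a backup. The function names and the sample file are assumptions; on a real server the file is /etc/csf/csf.conf and the firewall restart from step 11 still follows.

```shell
#!/bin/sh
# Added example: append a port to TCP_IN / TCP_OUT in a CSF-style config file.
# It runs on a constructed sample, never on the live /etc/csf/csf.conf.

# list_ports FILE KEY: print the ports listed for KEY, one per line.
list_ports() {
    sed -n "s/^$2[[:space:]]*=[[:space:]]*\"\(.*\)\".*/\1/p" "$1" |
        tr -d ' ' | tr ',' '\n'
}

# add_port FILE KEY PORT: returns 0 if PORT is (now) listed, 1 on bad input.
add_port() {
    file=$1 key=$2 port=$3
    case $port in
        ''|0*|*[!0-9]*) echo "invalid port: $port" >&2; return 1 ;;
    esac
    if [ "${#port}" -gt 5 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2; return 1
    fi
    grep -q "^$key[[:space:]]*=" "$file" ||
        { echo "$key not found in $file" >&2; return 1; }
    # Idempotent: leave the file alone if the port is already open.
    if list_ports "$file" "$key" | grep -qx "$port"; then return 0; fi
    cp -p "$file" "$file.bak"   # backup to roll back to
    # First expression handles a non-empty list, the second an empty one.
    sed -e "s/^\($key[[:space:]]*=[[:space:]]*\"[^\"][^\"]*\)\"/\1,$port\"/" \
        -e "s/^\($key[[:space:]]*=[[:space:]]*\)\"\"/\1\"$port\"/" \
        "$file.bak" > "$file"
}

# Constructed sample file using the port lists shown in this article.
make_sample() {
    cat > "$1" <<'EOF'
TCP_IN = "20,21,1122,25,26,53,80,110,143,443,465,587,993,995,2077,2078,2082,2083,2086,2087,2095,2096,8000"
TCP_OUT = "20,21,1122,25,37,43,53,80,110,113,443,587,873,2087,2089,2703,8000"
EOF
}

tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
conf="$tmp/csf.conf"
make_sample "$conf"
for k in TCP_IN TCP_OUT; do add_port "$conf" "$k" 8001; done
grep '^TCP_' "$conf"   # both lists now end in 8000,8001
```

Running it a second time changes nothing, which makes it safe to keep in a provisioning script.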

Advice

  • If you see an open port that you don't use, close it! Don't leave ports open for hackers!
  • If you are using APF Firewall (Advanced Policy Firewall), you can follow this guide anyway. Just note that the APF Firewall configuration file is located in a different folder.
  • APF directory: [root@yourserver] ~ >> cd /etc/apf/ Filename: conf.apf

Warnings

  • If you start opening ports at full blast, YOUR SERVER WILL BE HACKED! So make sure you don't make it easier for the bad guys. Only open the ports you use and close the ones you don't use.
  • Restart your computer when done. Otherwise, any changes made to the configuration file will not be recognized by the firewall.
