Tuesday, December 18, 2012

List open ports and open a port

We use the following command:

netstat -tunap | grep LISTEN

Example:

Or:

Scan all open ports on CentOS using:


If you want to open a single port:

Open the iptables file: vi /etc/sysconfig/iptables

Add the line below to open the port.

-A INPUT -m state --state NEW -m tcp -p tcp --dport 143 -j ACCEPT

For multiple ports, you can use the following instead (or repeat the above line multiple times):

-A INPUT -m state --state NEW -m tcp -p tcp -m multiport --dports 22,80,143 -j ACCEPT

The reason your line doesn't work is likely because you don't have a chain named 'RH-Firewall-1-INPUT'.

CentOS 6 simply uses 'INPUT' as the chain name.

You'll note something like the following at the top of the default config, naming the chains that exist:


Just to explain a bit further, the line -A INPUT -m state --state NEW -m tcp -p tcp --dport 143 -j ACCEPT means:

-A: append a rule
INPUT: to the INPUT chain
-m state: use the 'state' module
--state NEW: only look for NEW connections (i.e. not those that are previously established/related)
-m tcp: use the tcp module
-p tcp: look for packets using the TCP protocol
--dport 143: look for packets with a destination port of 143

To save:
# /sbin/service iptables save
# /etc/init.d/iptables restart
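
Rules in /etc/sysconfig/iptables are evaluated top to bottom, so an ACCEPT line placed after a catch-all REJECT or DROP in the INPUT chain never matches. The script below is an added example, not part of the original post: it reads a rules file and reports whether a TCP port is accepted before such a rule. The function names sample_rules and port_verdict are hypothetical, and the rule set is a constructed sample in the style of a CentOS 6 file.

```shell
#!/bin/sh
# Added example (not from the original post): check whether a TCP port is
# accepted in the INPUT chain before a catch-all REJECT/DROP shadows the rule.

# Constructed sample in the style of a CentOS 6 /etc/sysconfig/iptables file.
sample_rules() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp -m multiport --dports 22,80 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -m state --state NEW -m tcp -p tcp --dport 143 -j ACCEPT
COMMIT
EOF
}

# port_verdict PORT   (rules are read from stdin)
# Prints one of: accept | shadowed | no-rule
port_verdict() {
    awk -v port="$1" '
    $1 == "-A" && $2 == "INPUT" {
        target = ""; ports = ""; tcp = 0
        for (i = 3; i <= NF; i++) {
            if ($i == "-j") target = $(i + 1)
            if ($i == "-p" && $(i + 1) == "tcp") tcp = 1
            if ($i == "--dport" || $i == "--dports") ports = $(i + 1)
        }
        # A rule with no match options ("-A INPUT -j REJECT ...") matches everything.
        if ($3 == "-j" && (target == "REJECT" || target == "DROP")) blocked = 1
        n = split(ports, list, ",")
        for (k = 1; k <= n; k++) {
            if (tcp && target == "ACCEPT" && list[k] == port) {
                print (blocked ? "shadowed" : "accept"); found = 1; exit
            }
        }
    }
    END { if (!found) print "no-rule" }
    '
}

for p in 22 143 443; do
    printf '%s: %s\n' "$p" "$(sample_rules | port_verdict "$p")"
done
```

On a real host, feed it the file with `port_verdict 143 < /etc/sysconfig/iptables`; port ranges written as `low:high` are not handled. Note that `service iptables save` writes the running rule set over /etc/sysconfig/iptables, so a hand-edited file has to be loaded with a restart before anything is saved.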