Tuesday, March 19, 2019

Open Port Command Linux7

Open firewall ports

Add Firewall rule to allow the port to accept packets:

# firewall-cmd --zone=public --add-port=55555/tcp --permanent
success

# firewall-cmd --reload
success

# iptables-save | grep 55555
-A IN_public_allow -p tcp -m tcp --dport 55555 -m conntrack --ctstate NEW -j ACCEPT

5. Check newly added port status

After adding the port for httpd and reloading httpd services, notice now httpd is also listening to newly added port 55555:

# lsof -i -P |grep http
httpd     6595   root    4u  IPv6  43709      0t0  TCP *:80 (LISTEN)
httpd     6595   root    6u  IPv6  43713      0t0  TCP *:55555 (LISTEN)

# netstat -na |grep 55555

You need to use the following commands:
# firewall-cmd --permanent --zone=public --add-service=samba
# firewall-cmd --reload


OR
# firewall-cmd --permanent --add-port=137/tcp
# firewall-cmd --permanent --add-port=138/tcp
# firewall-cmd --permanent --add-port=139/tcp
# firewall-cmd --permanent --add-port=445/tcp

service smb reload

2. Configure SELinux to allow SAMBA services
In case if you do not want to disable SELinux, you can review the SELinux policy allowing the SAMBA subsystem to run. To check the current SELinux policies, use the below commands.

# getsebool -a | grep samba
# getsebool -a | grep nmb

This should give a list of options and whether these are on or off. They should be on. The settings can be changed using the commands given below.
Syntax :

# setsebool -P [boolean] on

For example:

# setsebool -P bacula_use_samba on

# setenforce 0

No comments:

Post a Comment