iptables question, ports over 1024
Robert Brockway
rbrockway-wgAaPJgzrDxH4x6Dk/4f9A at public.gmane.org
Thu Jun 23 17:32:13 UTC 2005
On Thu, 23 Jun 2005, Madison Kelly wrote:
> Hi all,
>
> I have a client trying to get into port 1352 (MyPC, I think) on their
> (windows) server. I've added a rule to allow inbound connections to 1352 (80
> was already in the iptables firewall and it works). Is there something I am
> missing about opening a TCP port over 1024?

You should not see anything different when opening or SNATting a port
over 1024[1]. I do this all the time.

If you netcat to 1352 on the firewall do you see anything? Netcat will
work with either tcp or udp.

What sort of connection failure are you getting (if any)?

[1] Traditional *nix makes a distinction for anything over the first 1024
ports, which actually means the distinction applies to ports over 1023, not
1024. Using the standard *nix security model a non-root user is not
allowed to bind ports over 1023. This has nothing to do with how iptables
reacts to the port however.

Rob
--
Robert Brockway B.Sc.
Senior Technical Consultant, OpenTrend Solutions Ltd.
Ph: +1-416-669-3073 Email: rbrockway-wgAaPJgzrDxH4x6Dk/4f9A at public.gmane.org http://www.opentrend.net
OpenTrend Solutions: Reliable, secure solutions to real world problems.
Contributing Member of Software in the Public Interest http://www.spi-inc.org
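
An added example, not part of the original post: a small TCP probe that answers the "what sort of connection failure" question by separating a refused connection from a silent timeout, which is the difference the netcat test above is meant to expose. The names probe_tcp and HINTS are hypothetical, and the readings in HINTS are the usual causes rather than the only ones.

```python
import socket

# Usual reading of each outcome when testing a port through an iptables firewall.
HINTS = {
    "open": "handshake completed: the path is allowed and a service is listening",
    "refused": "actively refused: nothing listening on the target, or a REJECT rule",
    "timeout": "no reply: packets dropped (DROP rule or policy) or no return path",
    "error": "other failure: host or network unreachable, or the name did not resolve",
}


def probe_tcp(host, port, timeout=3.0):
    """Attempt one TCP connect and classify the outcome as a key of HINTS."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"
    except (socket.timeout, TimeoutError):
        # No SYN/ACK and no reset came back before the deadline.
        return "timeout"
    except ConnectionRefusedError:
        # A reset (or equivalent rejection) came back straight away.
        return "refused"
    except OSError:
        return "error"
    finally:
        sock.close()


if __name__ == "__main__":
    # Constructed demo on loopback so it runs offline: probe a port with a
    # listener bound, then probe the same port again after closing it.
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    port = listener.getsockname()[1]

    result = probe_tcp("127.0.0.1", port, timeout=1.0)
    print(f"listener up:     {result} -> {HINTS[result]}")

    listener.close()
    result = probe_tcp("127.0.0.1", port, timeout=1.0)
    print(f"listener closed: {result} -> {HINTS[result]}")
```

To apply it to the case in the thread, call probe_tcp with the firewall's address and port 1352 from the client's side of the firewall.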