iptables question, ports over 1024
Madison Kelly
linux-5ZoueyuiTZhBDgjK7y7TUQ at public.gmane.org
Thu Jun 23 18:21:38 UTC 2005
Robert Brockway wrote:
> On Thu, 23 Jun 2005, Madison Kelly wrote:
>
>
>>Hi all,
>>
>> I have a client trying to get into port 1352 (MyPC, I think) on their
>>(Windows) server. I've added a rule to allow inbound connections to 1352 (80
>>was already in the iptables firewall and it works). Is there something I am
>>missing about opening a TCP port over 1024?
>
>
> You should not see anything different when opening or SNATting a port
> over 1024[1]. I do this all the time.
>
> If you netcat to 1352 on the firewall do you see anything? Netcat will
> work with either tcp or udp.
>
> What sort of connection failure are you getting (if any)?
>
> [1] Traditional *nix makes a distinction for anything over the first 1024
> ports, which actually means the distinction applies to ports over 1023 not
> 1024. Using the standard *nix security model a non-root user is not
> allowed to bind ports over 1023. This has nothing to do with how iptables
> reacts to the port however.
>
> Rob
>
Hi, thanks for the feedback.
I am new to 'nc' so I hope I did this right. When I scan it with
'nmap' I get a 'filtered' message.
akane:/home/madison# nc 111.222.33.44 1352
(UNKNOWN) [111.222.33.44] 1352 (lotusnote) : Connection timed out
Thanks!
Madison
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Madison Kelly (Digimer)
TLE-BU, The Linux Experience; Back Up
http://tle-bu.thelinuxexperience.com
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
--
The Toronto Linux Users Group. Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
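
Added example (not part of the original thread): the nmap 'filtered' result and the nc timeout above both mean that no reply came back at all, which is a different failure from a refused connection. The Python sketch below makes one TCP connect attempt and reports which of the three cases was seen; the function name and the loopback demo listener are assumptions made for illustration.

```python
import errno
import socket


def classify_tcp_port(host, port, timeout=3.0):
    """Make one TCP connect attempt and return 'open', 'closed' or 'filtered'.

    open     - the three-way handshake completed, something is listening
    closed   - the connection was refused: the SYN was answered, but no
               service accepted it
    filtered - nothing came back before the timeout (what nc reports as
               "Connection timed out"), or an ICMP unreachable was returned
               by a router or firewall in the path
    """
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"
    except (socket.timeout, TimeoutError):
        return "filtered"
    except ConnectionRefusedError:
        return "closed"
    except OSError as exc:
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "filtered"
        raise
    finally:
        sock.close()


if __name__ == "__main__":
    # Constructed demo on loopback only: a throwaway listener stands in
    # for the service behind the firewall.
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    demo_port = listener.getsockname()[1]
    print("listener up:  ", classify_tcp_port("127.0.0.1", demo_port))
    listener.close()
    print("listener gone:", classify_tcp_port("127.0.0.1", demo_port))
```

A 'filtered' result from outside combined with 'open' from a host behind the firewall indicates that packets are being dropped in the path rather than that the service is down.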