Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: How to check the IP:PORT firewall uses?
Top Forums Shell Programming and Scripting How to check the IP:PORT firewall uses? Post 303003987 by Chubler_XL on Sunday 24th of September 2017 11:31:43 PM
Old 09-25-2017
The Firewall isn't a service that listens on a particular port so netstat will not be able to identify if it is running like it can for other services (like apache).

You could use firewall-cmd to enquire on the firewall status like this:

Code:
# firewall-cmd --state
running

 

10 More Discussions You Might Find Interesting

1. IP Networking

how can i check if port is busy or if someone is using it ?

Hello i have application that using ports , how can i check if the port im using is not captured by any applications? (1 Reply)
Discussion started by: umen
1 Replies

2. Solaris

How to open SSH port on firewall?

Hi, So that potential responders will have an idea of what they're dealing with let me say that while I am a UNIX newbie I have been in IT for over 10 years. We have several SUN boxes running ver 5 of the OS that have been sitting dormant for some time as they were part of a now defunct... (3 Replies)
Discussion started by: pjewett
3 Replies

3. Linux

can ping without firewall; no port 631

Well, since I wrote the below, I've learned a little more about Samba, and got them to at least acknowledge each other. Still can't use Gaurd dog. Still cant print from one to the other. I'm learning I'm learning I recently installed mepis 7 on both my laptop and laptop. (I came... (0 Replies)
Discussion started by: Sonshyne5
0 Replies

4. Linux

using firewall to block port

Hi, I will like to allow access to the mysql port (3306) to certain IP address. All other IP's should be automatically blocked. What is the best way to do this? (8 Replies)
Discussion started by: shantanuo
8 Replies

5. UNIX for Dummies Questions & Answers

How do you check whether a port currently being used?

Hi, Please help me out, how to check whether a port currently being used or not. is there any command which give the result? Thanks Rajesh (6 Replies)
Discussion started by: rajesh08
6 Replies

6. IP Networking

Is there any way to add an exception for a port in the firewall setting, permanently?

Hello, I want to add a port in the firewall exception list so that my application can be accessed over network even if firewall is disabled. I am using iptables command to add exception. The problem is, after setting the rule if I change the firewall setting i.e. on/off then it is overwriting... (1 Reply)
Discussion started by: senrooy
1 Replies

7. Shell Programming and Scripting

Firewall Check Script

Hello, I made a following script that check every 5 minutes to check firewall is running or not, if firewall down that raise an alert only once, but following script generate an alert every 5 minutes according to cronjob: FILE="/var/log/fwstatus" CHK="/tmp/fwstatus" service... (1 Reply)
Discussion started by: telnor
1 Replies

8. UNIX for Dummies Questions & Answers

Rsync port and firewall

hi guys I doing some collocation for a customer, customer requested to use other port for ssh not the default one. OK no problem and customer will be using rsync to sync backups among other things I know we have to open port let's say port 5999 for ssh since we are using that one now but I... (1 Reply)
Discussion started by: karlochacon
1 Replies

9. Shell Programming and Scripting

Good way to check firewall port on Linux centos 7

Hi, I need to know what kind of firewall settings does the linux box have? Is port 25 blocked in any way? Linux techx 3.10.0-514.10.2.el7.x86_64 #1 SMP Fri Mar 3 00:04:05 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux I'm coming from this thread. (1 Reply)
Discussion started by: mohtashims
1 Replies

10. Shell Programming and Scripting

Unable to open firewall port for external traffic.

Below is what i did to open the firewall port on # sudo firewall-cmd --zone=public --add-port=27012/tcp --permanent Warning: ALREADY_ENABLED: 27012:tcp success # sudo firewall-cmd --reload success # firewall-cmd --list-all public target: default icmp-block-inversion: no ... (10 Replies)
Discussion started by: mohtashims
10 Replies

LEARN ABOUT CENTOS

firewalld.lockdown-whitelist

FIREWALLD.LOCKDOWN(5)					   firewalld.lockdown-whitelist 				     FIREWALLD.LOCKDOWN(5)

NAME

       firewalld.lockdown-whitelist - firewalld lockdown whitelist configuration file

SYNOPSIS

       /etc/firewalld/lockdown-whitelists.xml

DESCRIPTION

       The firewalld lockdown-whitelist configuration file contains the selinux contexts, commands, users and user ids that are white-listed when
       firewalld lockdown feature is enabled (see firewalld.conf(5) and firewall-cmd(1)).

       This example configuration file shows the structure of an lockdown-whitelist file:

	   <?xml version="1.0" encoding="utf-8"?>
	   <whitelist>
	     <selinux context="selinuxcontext"/>
	     <command name="commandline[*]"/>
	     <user {name="username|id="userid"}/>
	   </whitelist>

OPTIONS

       The config can contain these tags and attributes. Some of them are mandatory, others optional.

   whitelist
       The mandatory whitelist start and end tag defines the lockdown-whitelist. This tag can only be used once in a lockdown-whitelist
       configuration file. There are no attributes for this.

   selinux
       Is an optional empty-element tag and can be used several times to have more than one selinux contexts entries. A selinux entry has exactly
       one attribute:

       context="string"
	   The context is the security (SELinux) context of a running application or service.

	   To get the context of a running application use ps -e --context and search for the application that should be white-listed.

	   Warning: If the context of an application is unconfined, then this will open access for more than the desired application.

   command
       Is an optional empty-element tag and can be used several times to have more than one command entry. A command entry has exactly one
       attribute:

       name="string"
	   The command string is a complete command line including path and also attributes.

	   If a command entry ends with an asterisk '*', then all command lines starting with the command will match. If the '*' is not there the
	   absolute command inclusive arguments must match.

	   Commands for user root and others is not always the same, the used path depends on the use of the PATH environment variable.

   user
       Is an optional empty-element tag and can be used several times to white-list more than one user. A user entry has exactly one attribute of
       these:

       name="string"
	   The user with the name string will be white-listed.

       id="integer"
	   The user with the id userid will be white-listed.

SEE ALSO

       firewall-applet(1), firewalld(1), firewall-cmd(1), firewall-config(1), firewalld.conf(5), firewalld.direct(5), firewalld.icmptype(5),
       firewalld.lockdown-whitelist(5), firewall-offline-cmd(1), firewalld.richlanguage(5), firewalld.service(5), firewalld.zone(5),
       firewalld.zones(5)

NOTES

       firewalld home page at fedorahosted.org:
	   http://fedorahosted.org/firewalld/

       More documentation with examples:
	   http://fedoraproject.org/wiki/FirewallD

AUTHORS

       Thomas Woerner <twoerner@redhat.com>
	   Developer

       Jiri Popelka <jpopelka@redhat.com>
	   Developer

firewalld 0.3.9 													     FIREWALLD.LOCKDOWN(5)
All times are GMT -4. The time now is 02:00 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy