Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: How to check the IP:PORT firewall uses?
Top Forums Shell Programming and Scripting How to check the IP:PORT firewall uses? Post 303004043 by bakunin on Monday 25th of September 2017 05:11:04 PM
Old 09-25-2017
Quote:
Originally Posted by mohtashims
2. Also, from @Chubler_XL's statement I understand that there is no way to remotely monitor the firewall like we monitor SMTP [port 25] or SSH [port 22].
Correct.

A firewall is not a service, but a software controlling the network operation of a system:

Let us start with a router: a router basically is a system with two network interfaces which stand in different IP-networks and a machinery in between which relays traffice between these two networks from one interface to the other, based on some rules (the "routing table"). Routing takes place on layer 3 of the network and hence the router "operates at layer 3".

A firewall is a similar machinery but operates on (more correctly: on top of) layer 4: again two network interfaces homed in different IP-networks, but the machinery (usually some software - the firewall process) in between operates on layer 4 and relays layer-4-packets (TCP, UDP, and similar protocols) between these two interfaces.

Per default all packets are "not relayed" (blocked) this way. By configuring rules some of these packets are allowed nonetheless and therefore indeed relayed.

There are two fundamental ways such firewalls operate: packet-filtering and stateful inspection.

In packet filtering the rules state which port of a certain IP on one side may communicate with which port on which IP on the other side. No effort is made to monitor the communication other than allowing some IP/port/destination/origin-combinations and blocking everything else.

Stateful inspection is different: packets are interpreted and their content is checked. Packets (or, rather, whole connections) are allowed/disallowed based on these checks. This needs a lot more computing and is a lot more intrusive than packet filtering and therefore real-world firewalls are usually a combination of both packet filters and some stateful inspection.

I hope this helps.

bakunin
 

10 More Discussions You Might Find Interesting

1. IP Networking

how can i check if port is busy or if someone is using it ?

Hello i have application that using ports , how can i check if the port im using is not captured by any applications? (1 Reply)
Discussion started by: umen
1 Replies

2. Solaris

How to open SSH port on firewall?

Hi, So that potential responders will have an idea of what they're dealing with let me say that while I am a UNIX newbie I have been in IT for over 10 years. We have several SUN boxes running ver 5 of the OS that have been sitting dormant for some time as they were part of a now defunct... (3 Replies)
Discussion started by: pjewett
3 Replies

3. Linux

can ping without firewall; no port 631

Well, since I wrote the below, I've learned a little more about Samba, and got them to at least acknowledge each other. Still can't use Gaurd dog. Still cant print from one to the other. I'm learning I'm learning I recently installed mepis 7 on both my laptop and laptop. (I came... (0 Replies)
Discussion started by: Sonshyne5
0 Replies

4. Linux

using firewall to block port

Hi, I will like to allow access to the mysql port (3306) to certain IP address. All other IP's should be automatically blocked. What is the best way to do this? (8 Replies)
Discussion started by: shantanuo
8 Replies

5. UNIX for Dummies Questions & Answers

How do you check whether a port currently being used?

Hi, Please help me out, how to check whether a port currently being used or not. is there any command which give the result? Thanks Rajesh (6 Replies)
Discussion started by: rajesh08
6 Replies

6. IP Networking

Is there any way to add an exception for a port in the firewall setting, permanently?

Hello, I want to add a port in the firewall exception list so that my application can be accessed over network even if firewall is disabled. I am using iptables command to add exception. The problem is, after setting the rule if I change the firewall setting i.e. on/off then it is overwriting... (1 Reply)
Discussion started by: senrooy
1 Replies

7. Shell Programming and Scripting

Firewall Check Script

Hello, I made a following script that check every 5 minutes to check firewall is running or not, if firewall down that raise an alert only once, but following script generate an alert every 5 minutes according to cronjob: FILE="/var/log/fwstatus" CHK="/tmp/fwstatus" service... (1 Reply)
Discussion started by: telnor
1 Replies

8. UNIX for Dummies Questions & Answers

Rsync port and firewall

hi guys I doing some collocation for a customer, customer requested to use other port for ssh not the default one. OK no problem and customer will be using rsync to sync backups among other things I know we have to open port let's say port 5999 for ssh since we are using that one now but I... (1 Reply)
Discussion started by: karlochacon
1 Replies

9. Shell Programming and Scripting

Good way to check firewall port on Linux centos 7

Hi, I need to know what kind of firewall settings does the linux box have? Is port 25 blocked in any way? Linux techx 3.10.0-514.10.2.el7.x86_64 #1 SMP Fri Mar 3 00:04:05 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux I'm coming from this thread. (1 Reply)
Discussion started by: mohtashims
1 Replies

10. Shell Programming and Scripting

Unable to open firewall port for external traffic.

Below is what i did to open the firewall port on # sudo firewall-cmd --zone=public --add-port=27012/tcp --permanent Warning: ALREADY_ENABLED: 27012:tcp success # sudo firewall-cmd --reload success # firewall-cmd --list-all public target: default icmp-block-inversion: no ... (10 Replies)
Discussion started by: mohtashims
10 Replies

LEARN ABOUT DEBIAN

stone

stone(1)						      General Commands Manual							  stone(1)

NAME

       stone - a simple TCP/IP packet repeater

SYNOPSYS

       stone [-d] [-n] [-u max] [-f n] [-l] [-z SSL] st [-- st] ...

OPTIONS

       -d     Increase the debug level.

       -z     SSL encryption.

       -n     IP addresses and service port numbers are shown instead of host names and service names.

       -u max max is integer. The program will memorize max sources simultaneously where UDP packets are sent.

       -f n   n is integer. The program will spawn n child processes.

       -l     Sends error messages to the syslog instead of stderr.

       st     is one of the followings; Multiple st can be designated, separated by --.
	      (1)    host:port sport [xhost ...]
	      (2)    host:port shost:sport [xhost ...]
	      (3)    display [xhost ...]
	      (4)    proxy sport [xhost ...]
	      (5)    host:port/http request [hosts ...]
	      (6)    host:port/proxy header [hosts...]

       The  program  repeats the connection on port sport to the other machine host port port.	If the machine, on which the program runs, has two
       or more interfaces, type (2) can be used to repeat the connection on the specified interface shost.

       display [xhost ...]
	      Abbreviating notation.  The program repeats the connection on display number display to the X server designated by  the  environment
	      variable DISPLAY.

       proxy sport [xhost ...]
	      Http Proxy.  Specify the machine, on which the program runs, and port sport in the http proxy settings of your WWW browser.

       host:port/http request [hosts ...]
	      Repeats packets over http request.  request is the request specified in HTTP 1.0.  host:port/proxy header [hosts...]

       host:port/proxy header [hosts...]
	      Type (6) repeats http request with header in the top of request headers.

       xhost  Only machines xhost can connect to the program.

       xhost/mask
	      Only  machines on specified networks are permitted to connect to the program.  In the case of class C network 192.168.1.0, for exam-
	      ple, use 192.168.1.0/255.255.255.0.

       sport/udp
	      Repeats UDP packets instead of TCP packets.

       port/ssl
	      Repeats packets with encryption.

       sport/ssl
	      Repeats packets with decryption.

       sport/http
	      Repeats packets over http.

DESCRIPTION

       Stone is a TCP/IP packet repeater in the application layer.  It repeats TCP and UDP packets from inside to outside of a firewall,  or  from
       outside to inside.

       Stone has following features:

       1. Stone supports Win32.
	      Formerly, UNIX machines are used as firewalls, but recently WindowsNT machines are used, too.  You can easily run Stone on WindowsNT
	      and Windows95.  Of course, available on Linux, FreeBSD, BSD/OS, SunOS, Solaris, HP-UX and so on.

       2.  Simple.
	      Stone's source code is only 2000 lines long (written in C language), so you can minimize the risk of security holes.

       3.  Stone supports SSLeay.
	      Using SSLeay developed by Eric Young, Stone can encrypt/decrypt packets.

       4.  Stone is a http proxy.
	      Stone can also be a tiny http proxy.

EXAMPLES

       outer:	 a machine in the outside of the firewall
       inner:	 a machine in the inside of the firewall
       fwall:	 the firewall on which the stone is executed

       stone 7 outer
	    Repeats the X protocol to the machine designated by the environmental variable DISPLAY.  Run X clients under DISPLAY=inner:7 on outer.

       stone outer:telnet 10023
	    Repeats the telnet protocol to outer.
	    Run telnet fwall 10023 on inner.

       stone outer:domain/udp domain/udp
	    Repeats the DNS query to outer.
	    Run nslookup - fwall on inner.

       stone outer:ntp/udp ntp/udp
	    Repeats the NTP to outer.
	    Run ntpdate fwall on inner.

       stone localhost:http 443/ssl
	    Make WWW server that supports https.
	    Access https://fwall/ using a WWW browser.

       stone localhost:telnet 10023/ssl
	    Make telnet server that supports SSL.
	    Run SSLtelnet -z ssl fwall 10023 on inner.

       stone proxy 8080
	    http proxy.

       Where fwall is a http proxy (port 8080):

       stone fwall:8080/http 10023 'POST http://outer:8023 HTTP/1.0'
       stone localhost:telnet 8023/http
	      Run stones on inner and outer respectively.
	      Repeats packets over http.

       stone fwall:8080/proxy 9080 'Proxy-Authorization: Basic c2VuZ29rdTpoaXJvYWtp'
	      for browser that does not support proxy authorization.

COPYRIGHT

       All rights about this program stone are reserved by the original author, Hiroaki Sengoku.  The program is free  software;  you  can  redis-
       tribute it and/or modify it under the terms of the GNU General Public License (GPL).

NO WARRANTY

       This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY.

AUTHOR

       Hiroaki Sengoku
       sengoku@gcd.org
       http://www.gcd.org/sengoku/

								    Version 2.0 							  stone(1)
All times are GMT -4. The time now is 01:15 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy