Web Hosting Talk : Web Hosting Main Forums : VPS Hosting : All ports blocked but one... SSH (22)

[gigist]

Greets,

Let me know if this is in the wrong section .

So, I'm running into a little issue here. My VPS is showing all ports blocked but one (SSH)... checked this through nmap and various online port checking websites. I need a specific port open but have no idea how to go about it.

OS = CentOS 5

I have used multiple commands to open the iptables (disable it altogether) but it's not happening.

Have used:

Code:

iptables -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 443 -j ACCEPT

Code:

service iptables stop
chkconfig iptables off

Is it possible the VPS provider is blocking all the ports (NAT)? I dunno... I'm clueless.

Thanks for your time!

[quantumphysics]

Whos your provider? I know Amazon EC2 forces ports closed before it hits your vps (default is ssh only)

[LVPSHosting]

They may have central firewall where your ISP IP address is blocked. Contact them and tell them about this problem.

[PogiWeb]

That is strange and it appears to be some issue with the hostnode.

[misspink]

try iptables -F

[gigist]

Quote:

Originally Posted by quantumphysics

Whos your provider? I know Amazon EC2 forces ports closed before it hits your vps (default is ssh only)

Hostrail

Quote:

Originally Posted by LVPSHosting

They may have central firewall where your ISP IP address is blocked. Contact them and tell them about this problem.

Yeah I sent them a ticket before I wrote this thread. No reply just yet.

Quote:

Originally Posted by PogiWeb

That is strange and it appears to be some issue with the hostnode.

Yeah, possibly. I was pretty shocked to see all the ports closed.

Quote:

Originally Posted by misspink

try iptables -F

Just did. Doesn't return any feedback. Ports still not open (none opened).

Thanks for your time!

[misspink]

I'm pretty sure that the port scanner websites only show ports in use, for example, this is my webserver:

178.239.52.32 is responding on port 21 (ftp).
178.239.52.32 isn't responding on port 23 (telnet).
178.239.52.32 isn't responding on port 25 (smtp).
178.239.52.32 is responding on port 80 (http).
178.239.52.32 isn't responding on port 110 (pop3).
178.239.52.32 isn't responding on port 139 (netbios-ssn).
178.239.52.32 isn't responding on port 445 (microsoft-ds).
178.239.52.32 isn't responding on port 1433 (ms-sql-s).
178.239.52.32 isn't responding on port 1521 (ncube-lm).
178.239.52.32 isn't responding on port 1723 (pptp).
178.239.52.32 is responding on port 3306 (mysql).
178.239.52.32 isn't responding on port 3389 (ms-wbt-server).
178.239.52.32 isn't responding on port 5900 ().
178.239.52.32 isn't responding on port 8080 (webcache).

However, I'm not blocking any ports.

[gigist]

Quote:

Originally Posted by misspink

I'm pretty sure that the port scanner websites only show ports in use, for example, this is my webserver:

178.239.52.32 is responding on port 21 (ftp).
178.239.52.32 isn't responding on port 23 (telnet).
178.239.52.32 isn't responding on port 25 (smtp).
178.239.52.32 is responding on port 80 (http).
178.239.52.32 isn't responding on port 110 (pop3).
178.239.52.32 isn't responding on port 139 (netbios-ssn).
178.239.52.32 isn't responding on port 445 (microsoft-ds).
178.239.52.32 isn't responding on port 1433 (ms-sql-s).
178.239.52.32 isn't responding on port 1521 (ncube-lm).
178.239.52.32 isn't responding on port 1723 (pptp).
178.239.52.32 is responding on port 3306 (mysql).
178.239.52.32 isn't responding on port 3389 (ms-wbt-server).
178.239.52.32 isn't responding on port 5900 ().
178.239.52.32 isn't responding on port 8080 (webcache).

However, I'm not blocking any ports.

http://www.yougetsignal.com/tools/open-ports/
^^ one of the websites I used.

And I nmap'd from another linux box here at home. Nothing is open (22 and 3 other ports listening). When I was running Ubuntu w/Gnome on the same VPS, I was able to use VNC but now the VNC port is closed no matter what I do.

I'm fairly confused.

[sleddog]

All ports are "closed" by default. If you want to (for example) serve web traffic on port 80, then you must run an HTTP daemon listening on port 80. Then port 80 is "open".

You can see which daemons are running and listening on ports with this command:

netstat -lt

[gigist]

Quote:

Originally Posted by sleddog

All ports are "closed" by default. If you want to (for example) serve web traffic on port 80, then you must run an HTTP daemon listening on port 80. Then port 80 is "open".

You can see which daemons are running and listening on ports with this command:

netstat -lt

Did that -- only SSH shows.

Can you by chance write down the commands to do this? I'd greatly appreciate it.

I have a game server running right now and it's not showing up on that list.

Thanks

[iTom]

If it only shows SSH then you need to install the services you want...

They aren't close, there is just nothing bound to them. What services are you trying to setup?

[gigist]

It's a game server and it's running right now. I can connect to it if I input the IP:port manually but it won't be listed publicly until the port opens.

Which doesn't make sense to me because if I can connect to it... it can't be blocked? Tried to input the port forward in HyperVM but it says the connection was refused.

[sleddog]

Provide the complete output from these commands, then someone may be able to help you...

netstat -lt

ps aux

[LinologyNetworksLLC]

Have you tried using the built-in tool for managing the firewall. Your iptables may be mangled...no pun intended

system-config-securitylevel-tui

[gigist]

Just wanted to update this really quick. Everything is good now... flushing the firewall rules works now (didn't before). No clue, lol. Thanks for the replies/help.

Cheers