I have ISPConfig installed on a Fedora Core 4 box. ISPConfig is working perfectly. However, I also want to use my computer as a samba file server. I need to open up a few firewall ports to do this. I used the ISPConfig control panel and tried to open port 137. I restarted the firewall using the control panel. Before and after I did this, I ran nmap and got the following output: Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2005-08-05 13:54 EDT Interesting ports on ddnsserver1.hopto.org (192.168.0.10): (The 1644 ports scanned but not shown below are in state: closed) PORT STATE SERVICE 21/tcp open ftp 22/tcp open ssh 25/tcp open smtp 53/tcp open domain 80/tcp open http 81/tcp open hosts2-ns 110/tcp open pop3 111/tcp open rpcbind 139/tcp open netbios-ssn 143/tcp open imap 443/tcp open https 445/tcp open microsoft-ds 734/tcp open unknown 761/tcp open kpasswd 993/tcp open imaps 995/tcp open pop3s 2049/tcp open nfs 3306/tcp open mysql 32770/tcp open sometimes-rpc3 Nmap finished: 1 IP address (1 host up) scanned in 0.253 seconds As the listing shows, port 137 is not open. How can I open up port 137?
Yes, you have to start Samba. You can run Code: iptables -L to see which ports are open in the firewall.
Samba is running Samba is running and working correctly. Also, I am aware of the command iptables -L listing the ports but the installation instructions for ISPConfig instructed me to turn the firewall off. This is why I used the command nmap to show the ports that are actually open.
Could this be an installation problem? I was wondering if this could be an installation problem. I followed the installation instructions for Fedora Core 4. However, instead of selecting the indicated packages to install, I selected everything. Is it possible that selecting everything to install is adding something that is setting up the firewall?
iptables output I executed /etc/init.d/iptables and got: Firewall is stopped. The output for iptables -L is: [root@ddnsserver1 servadmin]# /sbin/iptables -L Chain FORWARD (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED DROP all -- anywhere anywhere Chain INPUT (policy DROP) target prot opt source destination DROP tcp -- anywhere 127.0.0.0/8 ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere DROP all -- BASE-ADDRESS.MCAST.NET/4 anywhere PUB_IN all -- anywhere anywhere PUB_IN all -- anywhere anywhere PUB_IN all -- anywhere anywhere DROP all -- anywhere anywhere Chain INT_IN (0 references) target prot opt source destination ACCEPT icmp -- anywhere anywhere DROP all -- anywhere anywhere Chain INT_OUT (0 references) target prot opt source destination ACCEPT icmp -- anywhere anywhere ACCEPT all -- anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination PUB_OUT all -- anywhere anywhere PUB_OUT all -- anywhere anywhere PUB_OUT all -- anywhere anywhere Chain PAROLE (10 references) target prot opt source destination ACCEPT all -- anywhere anywhere Chain PUB_IN (3 references) target prot opt source destination ACCEPT icmp -- anywhere anywhere icmp destination-unreachable ACCEPT icmp -- anywhere anywhere icmp echo-reply ACCEPT icmp -- anywhere anywhere icmp time-exceeded ACCEPT icmp -- anywhere anywhere icmp echo-request PAROLE tcp -- anywhere anywhere tcp dpt:ftp PAROLE tcp -- anywhere anywhere tcp dpt:ssh PAROLE tcp -- anywhere anywhere tcp dpt:smtp PAROLE tcp -- anywhere anywhere tcp dpt:domain PAROLE tcp -- anywhere anywhere tcp dpt:http PAROLE tcp -- anywhere anywhere tcp dpt:81 PAROLE tcp -- anywhere anywhere tcp dptop3 PAROLE tcp -- anywhere anywhere tcp dpt:https PAROLE tcp -- anywhere anywhere tcp dpt:10000 PAROLE tcp -- anywhere anywhere tcp dpt:netbios-ns ACCEPT udp -- anywhere anywhere udp dpt:domain DROP icmp -- anywhere anywhere DROP all -- anywhere anywhere Chain PUB_OUT (3 references) target prot opt source destination ACCEPT all -- anywhere anywhere
This looks like the ISPConfig firewall is running. You can control it from the web interface: Management -> Server -> Services.
The ISPConfig control panel was used I used the ISPConfig control panel at Management->Server->Services to try and open port 137. After I tried to open the port I ran the nmap command. The nmap command shows that port 137 is still closed. This thread is asking if anyone knows why port 137 is still closed even though the ISPConfig control panel was used to open port 137.
Problem appears to be solved The answer to the question, "why does nmap show that ports are closed when the ISPConfig says that they are open" is, don't trust nmap. I used ISPConfig to open the following ports: Samba 137 udp yes Samba 138 udp yes Samba 139 udp yes Samba 445 udp yes Samba 137 tcp yes Samba 138 tcp yes Samba 139 tcp yes Samba 445 tcp yes The nmap command shows that the ports are closed. However, I got on my Windows XP machine and my file share worked perfectly. The conclusion, therefore, seems to be, don't trust nmap to tell you what is actually open.
port 139 and Gaelicum.a virus many of the EXE files on my web sites keep getting infected with this virus. I tried to turn the ispconfig firewall on and block the port but now I can't even access the ispconfig admin web site. 1. How do I stop the ispconfig firewall from the commnad line? 2. How can I access the ispconfig admin screen without going through a browser?
Code: /etc/init.d/bastille-firewall stop You cannot access it at all then... You cannot block the ports 81 (ISPConfig) and 22 (SSH) from the ISPConfig web interface, so something weird must be going on on your system.
