Securing Linode servers against attacks is crucial. One of the best policies here is to close all ports and keep only the required ones open.
To open a custom port, we need to modify the server firewall. Unfortunately, a bad firewall edit can even cut off your own connection to the Linode server.
At Bobcares, we often get requests from Linode customers regarding port connectivity errors as part of our Managed Cloud Services.
Today, we’ll see how our Cloud Engineers open a port in a Linode server and fix typical connection errors.
When to open a port in Linode?
Firstly, let’s see the scenarios where we need to open a port in Linode. This happens mainly when an application on your Linode runs on a custom port.
Also, for security reasons, some server owners run common applications like SSH, mail service, etc. on alternate ports. Here too, we need to open the specific port in the Linode server firewall.
Whatever the case, for the service to work, we need to open the port without compromising server security.
Methods to open a port in a Linode server
Luckily, there are different methods to open a port in a Linode server, and they differ in complexity.
We’ll now take a look at the various ways to do this.
1. Using iptables
From our experience in managing Linode servers, iptables is the more common way to modify the Linode firewall. This requires expertise in iptables rule formats. A single wrong command can make the entire server unreachable.
That’s why our Dedicated Engineers always double-check the iptables rules before saving them. The iptables command to open port 2525 on the server would be:
iptables -A INPUT -p tcp --dport 2525 -j ACCEPT
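Note that -A appends the rule to the end of the INPUT chain, so it has no effect if an earlier rule in the chain already rejects or drops the traffic. You can familiarize yourself with iptables commands to make the task easier.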
2. Using Firewalld
Similarly, on CentOS 7 Linode servers, we can open a port using the firewalld service. This also involves adding rules in the proper format and requires good knowledge of the firewalld service.
Here, to open a port, say 2525, we need to add it to the public zone using the command:
firewall-cmd --zone=public --add-port=2525/tcp
We can verify that this was successful using the --list-ports operation:
[root@lixx-xx1 ~]# firewall-cmd --zone=public --list-ports
2525/tcp
3. Using UFW
Adding iptables rules correctly needs considerable expertise, and some Linode owners may not be comfortable with it. In such cases, our Support Engineers recommend another firewall program called UFW (Uncomplicated Firewall).
To open port 2525 in a Linode server using UFW, we need to use the command:
ufw allow 2525/tcp
How we fix Linode port connectivity?
So far, we have seen various ways to open a port in a Linode server. However, we often see customers reporting connection problems on custom ports.
We’ll now see how our Dedicated Engineers troubleshoot and fix port restrictions in Linode.
As the first step, we check that the service is listening on the port inside the Linode server. For this, we use the command:
netstat -ltn
This would list all the listening service ports on the Linode.
If connection problems persist, we try disabling the Linode server firewall temporarily. If this allows connections on the specific port, we know that it’s a server firewall issue.
When there are firewall restrictions, a telnet command to the port will look like:
Trying 50.xx.xx.241...
telnet: connect to address 50.xx.xx.241: No route to host
Occasionally, we suggest that the customer check from another network. This helps us isolate problems with the customer’s network.
After the necessary changes are made at the server firewall and the customer’s network, connections to the port succeed.
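The first checks above can be scripted. The following is an added example, not Bobcares' own tooling: it reads netstat -ltn output plus the client-side error text and reports whether the port is not listening, bound only to loopback, or blocked by the firewall. The function names, verdict strings and sample netstat output are constructed for illustration, and 203.0.113.10 is a documentation address.

```shell
#!/bin/sh
# Added example; the sample data below is constructed, not taken from a real server.

# listen_scope PORT: read `netstat -ltn` output on stdin and print where the
# port is bound: all | specific | loopback | none
listen_scope() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            n = split($4, part, ":")        # text after the last colon is the port
            if (part[n] != port) next
            host = substr($4, 1, length($4) - length(part[n]) - 1)
            if (host == "0.0.0.0" || host == "::")     all = 1
            else if (host ~ /^127\./ || host == "::1") lo = 1
            else                                       other = 1
        }
        END {
            if (all)        print "all"
            else if (other) print "specific"
            else if (lo)    print "loopback"
            else            print "none"
        }'
}

# diagnose PORT "CLIENT_ERROR": netstat output on stdin, verdict on stdout.
# The service-side checks run first, because no firewall change helps if the
# service is not reachable on a public address.
diagnose() {
    scope=$(listen_scope "$1")
    case "$scope" in
        none)     echo "not-listening"; return 0 ;;
        loopback) echo "loopback-only"; return 0 ;;
    esac
    case "$2" in
        *"No route to host"*) echo "firewall-reject" ;;      # the telnet output shown above
        *"timed out"*)        echo "filtered-or-network" ;;  # retest from another network
        *)                    echo "listening-$scope" ;;
    esac
}

# Constructed `netstat -ltn` output: SSH on all interfaces, port 2525 on loopback only.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:2525          0.0.0.0:*               LISTEN
tcp6       0      0 :::80                   :::*                    LISTEN
EOF
}

sample_netstat | diagnose 2525 "telnet: connect to address 203.0.113.10: Connection refused"
```

On a live server, pipe the real output in instead of the sample, for example netstat -ltn | diagnose 2525 "$client_error". A loopback-only verdict means the service's bind address has to change before any firewall rule can help.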
Conclusion
To open a port in a Linode server, we can use different methods like iptables, firewalld, etc. Today, we saw how our Support Engineers open a port in a Linode server and fix connectivity problems.