This is a guide for newbies, as most of you have seen that the documentation has no information on how to correctly open the ports needed for Sentora.
After you install Sentora, type:
Code:
iptables --list
You will see something like this (the dump below is in iptables-save format):
Code:
# Generated by iptables-save v1.4.7 on Sun May 15 16:44:19 2016
*nat
:PREROUTING ACCEPT [4:1532]
:POSTROUTING ACCEPT [4:335]
:OUTPUT ACCEPT [4:335]
COMMIT
# Completed on Sun May 15 16:44:19 2016
# Generated by iptables-save v1.4.7 on Sun May 15 16:44:19 2016
*mangle
:PREROUTING ACCEPT [210:29628]
:INPUT ACCEPT [210:29628]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [142:18726]
:POSTROUTING ACCEPT [142:18726]
COMMIT
# Completed on Sun May 15 16:44:19 2016
# Generated by iptables-save v1.4.7 on Sun May 15 16:44:19 2016
*filter
:INPUT ACCEPT [210:29628]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [142:18726]
COMMIT
# Completed on Sun May 15 16:44:19 2016
Make a backup of the default iptables rules first with the following command (you can give the file any name):
Code:
iptables-save > /etc/sysconfig/iptables_sentora.backup
Now, from an SSH client (I use Bitvise SSH Client), type the following lines:
Code:
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 22 -j ACCEPT    # SSH
iptables -A INPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 80 -j ACCEPT    # port 80 over UDP
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 53 -j ACCEPT    # DNS over TCP
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 80 -j ACCEPT    # HTTP
iptables -A INPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 53 -j ACCEPT    # DNS over UDP
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 20 -j ACCEPT    # FTP data
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 21 -j ACCEPT    # FTP control
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 25 -j ACCEPT    # SMTP
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 110 -j ACCEPT   # POP3
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 143 -j ACCEPT   # IMAP
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 443 -j ACCEPT   # HTTPS
iptables -A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 3306 -j ACCEPT  # MySQL
As a final step, type:
Code:
service iptables save
...to save the modifications, then reboot the server.
You can make another backup of the new rules in case you mess up the iptables configuration, and use the following command to restore it:
Code:
iptables-restore < /etc/sysconfig/iptables_sentora_2.backup
Now you have opened the TCP and UDP ports; typing iptables --list again will show you the new rules.
*Note: The iptables files are found in /etc/sysconfig; there are two files, iptables and ip6tables.
In the ip6tables file you will find only one listening rule, the default one with port 22 opened; don't modify anything in it.
***************************************************************************
If you want to delete a rule by chain and number because you typed something wrong, you can enter this:
Code:
sudo iptables -L --line-numbers
and it will give you the rules from iptables.
Now type this:
Code:
sudo iptables -D INPUT 1
where 1 is the line number that you want to delete.
Type again:
Code:
service iptables save
to save the iptables.
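The dump near the top of this guide shows :INPUT ACCEPT in the filter table, and every rule added here is an ACCEPT rule, so the ruleset only blocks traffic if a default-drop policy or a DROP/REJECT rule is also present. The script below is an added example (not part of the original guide or of Sentora) that audits iptables-save output for that condition and lists ports accepted from any source; the function names and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit an iptables-save dump read on stdin.
# Prints one finding per line; prints nothing when INPUT is restrictive.
# Coarse check: any DROP/REJECT rule in INPUT counts as "filtering".
audit_input_chain() {
    awk '
        /^\*/             { table = substr($0, 2); next }  # "*filter" starts a table
        table != "filter" { next }                         # skip nat, mangle, comments
        /^:INPUT /        { policy = $2; next }            # ":INPUT ACCEPT [pkts:bytes]"
        /^-A INPUT /      {
            target = ""; port = ""; proto = ""; src = "any"
            for (i = 3; i < NF; i++) {
                if ($i == "-j")      target = $(i + 1)
                if ($i == "--dport") port   = $(i + 1)
                if ($i == "-p")      proto  = $(i + 1)
                if ($i == "-s")      src    = $(i + 1)
            }
            if (target == "DROP" || target == "REJECT") blocking = 1
            if (target == "ACCEPT" && port != "" && src == "any")
                open[++n] = proto "/" port
        }
        END {
            if (policy == "ACCEPT" && !blocking)
                print "NO-FILTER: INPUT policy is ACCEPT and no rule drops or rejects traffic"
            for (i = 1; i <= n; i++)
                print "OPEN-TO-ANY: " open[i]
        }
    '
}

# Constructed sample: filter table after some of the rules from this guide
# are appended (policy still ACCEPT; counters are made up).
sample_ruleset() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [210:29628]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [142:18726]
-A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 22 -j ACCEPT
-A INPUT -p udp -m state --state NEW,ESTABLISHED -m udp --dport 53 -j ACCEPT
-A INPUT -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 3306 -j ACCEPT
COMMIT
EOF
}

sample_ruleset | audit_input_chain
```

On the server, run iptables-save | audit_input_chain as root to check the live ruleset instead of the sample.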