Opening up a port with IPTables
After a lot of hair pulling and swearing, I just managed to open up a new port (8090) on an Ubuntu server for the first time. The IPTables HowTo is a good document, but below I have condensed the pertinent information you need if you just want to open up a port.
There are a lot of cryptic commands that will allow you to add rules and so on without actually editing a file. This might be fine if one actually had the time to decryptify them, which, sadly, I didn’t.
No, the easiest way is simply to save and edit the config file manually; that way you instantly get a feel for what needs to be done. This is done by running the following:
root@ubuntu:~# iptables-save > /etc/iptables.rules
root@ubuntu:~# nano /etc/iptables.rules
Which in my case showed me the following (note that I have omitted a lot of similar rows):
root@ubuntu:~# iptables -L
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh state NEW
.
.
.
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:8090 state NEW
DROP       all  --  anywhere             anywhere

Chain FORWARD (policy DROP)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere            state NEW,RELATED,ESTABLISHED
Aha, so that last line in the INPUT section just before the DROP statement was added by me to open up 8090.
After that I ran the following:
root@ubuntu:~# iptables-restore < /etc/iptables.rules
root@ubuntu:~# iptables-save > /etc/iptables.rules
Note the final iptables-save command there to store the new configuration permanently.