CentOS/Linux Block External Port

Question

Suppose I have an internal service running on port 7676, how would I (On CentOS) block port 7676 from external sources, so that it can only be accessed locally - AKA 127.0.0.1, not using, for example, 64.222.33.44 - the external IP.

You use `iptables`. Read `man iptables` to learn how. – dawud Jun 21 '14 at 22:27 — dawud, Jun 21 '14 at 22:27

score 3 · Accepted Answer · answered Jun 21 '14 at 22:29

3

You could use iptables for this. What you have go do is insert a DROP rule into the INPUT chain for packets with a destination address of your external IP 64.222.33.44 and a destination port of 7676.

answered Jun 21 '14 at 22:29

user9517

115,471
20
215
297

score 2 · Answer 2 · answered Jun 21 '14 at 22:40

2

If the service software allows binding to specific IP addresses, you can bind it to 127.0.0.1 address.

This means it will listen to requests only arriving via the localhost interface.

answered Jun 21 '14 at 22:40

Tero Kilkanen

36,796
3
41
63

score 2 · Answer 3 · edited Jun 22 '14 at 06:44

2

iptables -A INPUT -p tcp --dport 7676 -s 64.222.33.44 -j ACCEPT

iptables -A INPUT -p tcp --dport 7676 -j DROP

edited Jun 22 '14 at 06:44

dawud

15,096
3
42
61

answered Jun 21 '14 at 23:40

Innovator

507
2
11

CentOS/Linux Block External Port

3 Answers3