
I am working on a simple Node.js app. This requires a particular port to be open. For example if I want the app to listen to port (say) 5122, I will have to first open the port 5122. For this I have applied the following rule in my iptables

iptables -I INPUT 3 --proto tcp --dport 5122 -j ACCEPT
service iptables save

Initially this worked for me. But suddenly, after some time, it stopped working. I now wanted to check whether the port 5122 is really open or not. I issued the command

nmap -sT -O localhost

I don’t see any such ports listed here. But sudo iptables -L shows it like this:

ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:5122 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:5122 

I see this line 2 times. Still confused! No idea.

I now opened the following URL http://www.yougetsignal.com/tools/open-ports/ and entered my host IP and port, and it says: Port 5122 is closed on 50.56.246.162 (which is my host IP).

My question is how do I permanently keep a particular port open for listening.

Any help would be highly appreciated.

Jay

1 Answer


You need to start running your application (using that port number) for the port to appear as open. As soon as it starts running and successfully listening on Port 5122, a local nmap scan will list that port as being open.

You only need to modify firewall rules once your application works to your satisfaction and you want to allow access to it from external host(s).

The output of iptables -L shows that your iptables command has successfully modified the firewall rules to allow external access to your application. In fact, it looks like you inserted the rule twice; this doesn’t do any harm, as the second rule won’t be processed.

Explanation

By default, all TCP and UDP ports are closed (not in a listening state). Only when a server or similar program opens a network socket and starts “listening” to a port number will that port appear to be open.

E.g., running nmap -sT localhost locally on my server shows that most ports are closed and only lists the ones that are open:

Nmap scan report for localhost (127.0.0.1)
Host is up (0.00019s latency).
rDNS record for 127.0.0.1: localhost.localdomain
Not shown: 995 closed ports
PORT     STATE SERVICE
25/tcp   open  smtp
80/tcp   open  http
3306/tcp open  mysql

A firewall such as Netfilter / iptables can be used to selectively block access to ports whether they’re already open or not. In this case, those ports are considered to be filtered – though confusingly, some people and websites refer to filtered ports as being “closed” and the act of removing the firewall filter as “opening” a port.

E.g. running nmap -sT server.name on the same server from an external host reports different results since now the packets from the remote host are being filtered by the firewall:

Interesting ports on server.name (78.47.203.133):
Not shown: 1679 filtered ports
PORT   STATE SERVICE
80/tcp open  http

Note that locally, ports 25 and 3306 are open but from an external perspective they are shown as being filtered.

Anthony Geoghegan