Home / server / Questions / 422896
Accepted
MacMac
Asked: 2012-08-31 06:18:32 +0800 CST

How to open UDP port 7777 from iptables/firewall on Ubuntu 11.04

  • 772

I need to enable the port 7777 from my VPS which runs Ubuntu 11.04, I have added rules from the iptables which is listed here,

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     udp  --  anywhere             anywhere            udp dpt:7777 

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     udp  --  anywhere             anywhere            udp dpt:7777 

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     udp  --  anywhere             anywhere            udp dpt:7777

However, when I telnet to port 7777, it says connection refused from my side, telnet xx.xx.xx.xx 7777, even if I telnet on the server with telnet localhost 7777.

How should I effectively open it to allow connections to port 7777 to my server?

ubuntu

3 Answers

  1. Best Answer

    telnet uses TCP. If there is no TCP listener on the port you specify, then the connection request will be refused. Try using nc instead:

    $ nc -zu <IP> 7777
$ echo $?
0

    Exit status 0 returned means that this port is open.

    or nmap:

    $ sudo nmap -p 7777 -sU -P0 <IP>

    for e.g:

    $ sudo nmap -p 9 -sU -P0 192.168.6.142

Starting Nmap 5.51 ( http://nmap.org ) at 2012-08-30 21:31 ICT
Nmap scan report for (192.168.6.142)
Host is up.
PORT  STATE         SERVICE
9/udp open|filtered discard

Nmap done: 1 IP address (1 host up) scanned in 2.12 seconds
    • 3

  2. You are actually allowing all traffic to pass through your firewall. The default policy of all chains is set to ACCEPT and you don't have any DROP rule.

    As for the connection refused error, you are trying to connect using telnet and this tries to established TCP-based connection. To test UDP connectivity, you need to use netcat or nc with -u option.

    You can check whether the requested service is listening on the port 7777, you can use:

    netstat -anp | grep 7777
    • 2

  3. Are you positive there is a service running on that port? netstat -n to be sure.

    The default policy for this chain is ACCEPT. So there is actually no block active currently. Flush all the chains and all the tables, reboot and try telnetting.

    Let us know.

    • 0