Desbloqueio de PORTAS debian 10

1. Desbloqueio de PORTAS debian 10

Venicius Back
ViniciuSBacK

(usa Ubuntu)

Enviado em 29/09/2019 - 13:15h

Boa tarde senhores
-> Tenho um servidor ZABBIX instalado no DEBIAN 10
-> Preciso liberar a porta 10051 -> Para utilizar Um Trapper.
Porém:
Digito o comando
nmap -v localhost 

Ele retorna
Starting Nmap 7.70 ( https://nmap.org ) at 2019-09-29 13:13 -03
Initiating SYN Stealth Scan at 13:13
Scanning localhost (127.0.0.1) [1000 ports]
Discovered open port 80/tcp on 127.0.0.1
Discovered open port 22/tcp on 127.0.0.1
Discovered open port 631/tcp on 127.0.0.1
Discovered open port 5432/tcp on 127.0.0.1
Completed SYN Stealth Scan at 13:13, 1.59s elapsed (1000 total ports)
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000024s latency).
Other addresses for localhost (not scanned): ::1
Not shown: 996 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
631/tcp open ipp
5432/tcp open postgresql

Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 1.65 seconds
Raw packets sent: 1061 (46.684KB) | Rcvd: 2126 (89.300KB)

Digito o comando
sudo iptables -I INPUT  -p tcp --dport 10051 -j ACCEPT 

Digito o comando
sudo iptables -L localhost 

Retorna
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:zabbix-trapper

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Entretanto quando rodo novamente o
nmap -v localhost 

Ele retorna
Starting Nmap 7.70 ( https://nmap.org ) at 2019-09-29 13:13 -03
Initiating SYN Stealth Scan at 13:13
Scanning localhost (127.0.0.1) [1000 ports]
Discovered open port 80/tcp on 127.0.0.1
Discovered open port 22/tcp on 127.0.0.1
Discovered open port 631/tcp on 127.0.0.1
Discovered open port 5432/tcp on 127.0.0.1
Completed SYN Stealth Scan at 13:13, 1.59s elapsed (1000 total ports)
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000024s latency).
Other addresses for localhost (not scanned): ::1
Not shown: 996 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
631/tcp open ipp
5432/tcp open postgresql

Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 1.65 seconds
Raw packets sent: 1061 (46.684KB) | Rcvd: 2126 (89.300KB)

Não lista a porta 10051 como aberta!
E quando reinicio o server, e digito o comando
sudo iptables -L localhost 
, ele retorna "sem a regra criada".

Qual o erro estou cometendo?

Muito Obrigado!


  


2. Re: Desbloqueio de PORTAS debian 10

Gabriel
rabbit

(usa Debian)

Enviado em 29/09/2019 - 19:57h

Fala aí mano.

Verifica se o zabbix está rodando nessa porta.

#netstat -tln | grep 10051

A sintaxe do comando está correta, mais o iptables tá aceitando tudo, então no caso nem precisa da regra.


x.x
run rabbit run


3. Re: Desbloqueio de PORTAS debian 10

Gabriel
rabbit

(usa Debian)

Enviado em 29/09/2019 - 20:10h

ViniciuSBacK escreveu:

Boa tarde senhores
-> Tenho um servidor ZABBIX instalado no DEBIAN 10
-> Preciso liberar a porta 10051 -> Para utilizar Um Trapper.
Porém:
Digito o comando
nmap -v localhost 

Ele retorna
Starting Nmap 7.70 ( https://nmap.org ) at 2019-09-29 13:13 -03
Initiating SYN Stealth Scan at 13:13
Scanning localhost (127.0.0.1) [1000 ports]
Discovered open port 80/tcp on 127.0.0.1
Discovered open port 22/tcp on 127.0.0.1
Discovered open port 631/tcp on 127.0.0.1
Discovered open port 5432/tcp on 127.0.0.1
Completed SYN Stealth Scan at 13:13, 1.59s elapsed (1000 total ports)
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000024s latency).
Other addresses for localhost (not scanned): ::1
Not shown: 996 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
631/tcp open ipp
5432/tcp open postgresql

Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 1.65 seconds
Raw packets sent: 1061 (46.684KB) | Rcvd: 2126 (89.300KB)

Digito o comando
sudo iptables -I INPUT  -p tcp --dport 10051 -j ACCEPT 

Digito o comando
sudo iptables -L localhost 

Retorna
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:zabbix-trapper

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Entretanto quando rodo novamente o
nmap -v localhost 

Ele retorna
Starting Nmap 7.70 ( https://nmap.org ) at 2019-09-29 13:13 -03
Initiating SYN Stealth Scan at 13:13
Scanning localhost (127.0.0.1) [1000 ports]
Discovered open port 80/tcp on 127.0.0.1
Discovered open port 22/tcp on 127.0.0.1
Discovered open port 631/tcp on 127.0.0.1
Discovered open port 5432/tcp on 127.0.0.1
Completed SYN Stealth Scan at 13:13, 1.59s elapsed (1000 total ports)
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000024s latency).
Other addresses for localhost (not scanned): ::1
Not shown: 996 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
631/tcp open ipp
5432/tcp open postgresql

Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 1.65 seconds
Raw packets sent: 1061 (46.684KB) | Rcvd: 2126 (89.300KB)

Não lista a porta 10051 como aberta!
E quando reinicio o server, e digito o comando
sudo iptables -L localhost 
, ele retorna "sem a regra criada".

Qual o erro estou cometendo?

Muito Obrigado!


Só para explicar:

O iptables retorna sem regra ao reiniciar porque ele fica salvo na memória.
Pra manter salvo você tem que dar o comando iptables-save, criar um script e colocar ele pra iniciar com o comando iptables-restore.

Basicamente falando.



x.x
run rabbit run






Patrocínio

Site hospedado pelo provedor RedeHost.
Linux banner

Destaques

Artigos

Dicas

Tópicos

Top 10 do mês

Scripts