Ports are the connecting elements between systems that share a network. Knowing which ports are open or closed, an application on one node can send a message to the same application on another. This article explains why and how to open a port in Linux.
A bit of theory
A port is expressed as a number from 0 to 65535. Many values are registered for official purposes; others can be used arbitrarily. A port acts as a kind of address refinement. For example, suppose a certain resource at home runs a web server.
To know where exactly to connect, the computer requesting information from it must know at least its IP address. But if the resource runs several different services, how does the request get to the right one? This is where the port comes in. Knowing the IP address and the port number, the computer can send its request to exactly the right service on the server.
Difficulties in operation
Because many programs that use ports are far from ideal in terms of security, an open port is a potential vulnerability that allows penetration and unauthorized access. You therefore need to monitor which ports are in use on the system, or otherwise control the traffic to them.
List of the most popular port values
The range of numbers from 0 to 1023 is reserved for system programs and applications:
- 21 - used by the FTP data transfer protocol;
- 22 - the SSH (Secure Shell) service;
- 23 - Telnet;
- 25 - a protocol for transmitting mail messages;
- 80 - HTTP traffic; used by web servers;
- 110 - POP3 (another mail protocol).
These values are reserved and used by the system by default. Many of the remaining ports can be used at will.
How to check open ports on Linux
There are built-in tools for this that show which ports are open on Linux. The first one is netstat.
An example of its use:
sudo netstat -ntulp
The options following the command have these meanings:
- -l. Show only the ports that are currently being listened on;
- -p. Show more detail about the application using the port, namely its name and process ID;
- -t. List TCP ports;
- -u. The same, but for UDP;
- -n. Display IP addresses as numbers.
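As an added example (not part of the original article), the shell function below reads netstat -ntulp output and lists the sockets that other hosts can reach, marking any that are not on an expected list. The function name exposed_listeners, the proto/port allowlist format and the sample output are assumptions constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `sudo netstat -ntulp` output (not from a real host).
sample_netstat() {
cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address    Foreign Address  State   PID/Program name
tcp        0      0 0.0.0.0:22       0.0.0.0:*        LISTEN  812/sshd
tcp        0      0 127.0.0.1:5432   0.0.0.0:*        LISTEN  1033/postgres
tcp        0      0 0.0.0.0:23       0.0.0.0:*        LISTEN  1500/inetd
tcp6       0      0 :::80            :::*             LISTEN  941/nginx
udp        0      0 0.0.0.0:68       0.0.0.0:*                702/dhclient
udp        0      0 127.0.0.53:53    0.0.0.0:*                655/systemd-resolve
EOF
}

# exposed_listeners "proto/port ..."   (hypothetical helper, reads stdin)
# Prints "proto/port program status" for every socket bound to a
# non-loopback address, i.e. one that other hosts can try to reach.
exposed_listeners() {
  awk -v allowed="$1" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    $1 ~ /^(tcp|udp)6?$/ {
      port = $4; sub(/.*:/, "", port)        # text after the last colon
      host = $4; sub(/:[^:]*$/, "", host)    # text before the last colon
      if (host ~ /^127\./ || host == "::1") next   # loopback only
      proto = $1; sub(/6$/, "", proto)       # tcp6 -> tcp, udp6 -> udp
      prog = $NF; sub(/^[0-9]+\//, "", prog) # "812/sshd" -> "sshd"
      key = proto "/" port
      print key, prog, ((key in ok) ? "expected" : "UNEXPECTED")
    }'
}

# Run against the sample; on a live host use:
#   sudo netstat -ntulp | exposed_listeners "tcp/22 tcp/80"
sample_netstat | exposed_listeners "tcp/22 tcp/80 udp/68"
```

In the sample, the Telnet listener on port 23 is the only line marked UNEXPECTED, and the two loopback-only sockets are omitted because they are not reachable from other hosts.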
How to open port in Linux
This procedure may be needed when developing a web application that communicates with an external server. Before opening a port, first check whether it is already open; the procedure presented above helps with that.
To open a port, use the iptables utility. To check that it is present on the system, type this command in the console:
iptables --list
The resulting output shows that the utility is present and working. All that remains is to open the port in Linux. To do this, use the command:
iptables -A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
Here, the -A option means that a new rule is added to an existing chain. INPUT indicates that the rule applies to incoming connections. The -p option says that the protocol type follows, in this case TCP. --dport is the destination port, here 53. Finally, ACCEPT allows the connections.
In fact, iptables has many more options, which allow much finer tuning and other ways of opening a port in Linux.