Koozali.org: home of the SME Server

Opening a port without specifica service

Offline smnirosh

  • ****
  • 329
  • +0/-0
  • Learning never ends
Opening a port without specifica service
« on: March 18, 2020, 07:59:37 PM »
Hello friends, I just posted a problem I had one day ago about licensing server.
I have read the https://wiki.contribs.org/Firewall#Custom_templates topic and found there is the method only to close the port. To open the port what changes i have to amend and how to open the port without specifying a service associated it? Thanks

Offline janet

  • ****
  • 4,812
  • +0/-0
Re: Opening a port without specifica service
« Reply #1 on: March 19, 2020, 03:24:07 AM »
smnirosh

You do not give specifics & details about what you are trying to achieve, so the best advice to give is unknown.

Take a look at the Port Forwarding panel, & use localhost as the destination, leave Allow Hosts blank

Quoting the panel text:
"Configure Port Forwarding
You can use this panel to modify your firewall rules so as to open a specific port on this server and forward it to another port on another host. Doing so will permit incoming traffic to directly access a private host on your LAN.
WARNING: Misuse of this feature can seriously compromise the security of your network. Do not use this feature lightly, or without fully understanding the implications of your actions.

Configure Port Forwarding
Select the protocol, the port you wish to forward, the destination host, and the port on the destination host that you wish to forward to. If you wish to specify a port range, enter the lower and upper boundaries separated by a hyphen. The destination port may be left blank, which will instruct the firewall to leave the source port unaltered."


Alternatively right at the start of that Firewall article is this link:
https://wiki.contribs.org/Firewall#Additional_information_on_customizing_iptables

Note this comment:
Apply your desired firewall restrictions to any existing SME 'service' or to a custom-named service that you have created. Combine a custom-named service with port-forwarding to create customized firewall rules.
Please search before asking, an answer may already exist.
The Search & other links to useful information are at top of Forum.

Offline smnirosh

  • ****
  • 329
  • +0/-0
  • Learning never ends
Re: Opening a port without specifica service
« Reply #2 on: March 21, 2020, 12:34:48 PM »
Thanks very much janet for your commenting upon my question. I used webgui to configure it easily.

Offline ReetP

  • *
  • 3,722
  • +5/-0
Re: Opening a port without specifica service
« Reply #3 on: March 21, 2020, 03:27:05 PM »
The masq templates already automatically look for any service that is enabled and public and will open a port.

If you JUST want to open a port to THIS server you can add a dummy service.

For instance you are running some local software with a virtual host on port 1243

Code: [Select]
config set myservice service TCPPort 1234 access public status enabled
Code: [Select]
signal-event remoteaccess-update
That will add a rule in the firewall to open that port to a local service.

You can add items like AllowHost and DenyHosts as well if required.

(that should be correct if I remember rightly)
...
1. Read the Manual
2. Read the Wiki
3. Don't ask for support on Unsupported versions of software
4. I have a job, wife, and kids and do this in my spare time. If you want something fixed, please help.

Bugs are easier than you think: http://wiki.contribs.org/Bugzilla_Help

If you love SME and don't want to lose it, join in: http://wiki.contribs.org/Koozali_Foundation