Thursday, November 28, 2013

Easily open a port or service in iptables using lokkit

Lokkit is a tool for manipulating iptables rules, and it belongs to the system-config-firewall-base rpm package. It has many uses, but in this article I just want to share how to open a port in iptables using lokkit. Let's say we want to open TCP port 1234; below is the command to do it (you must be root, or use sudo to execute this):

# lokkit -q -p 1234:tcp

where -q is quiet mode, in which no message appears once the operation is done, and -p gives the port and protocol, in this case port 1234 using the tcp protocol.

If you want to open a common service like ssh, it can be done easily by using the -s flag:
# lokkit -s ssh

To list all available services that lokkit can manage, use:
# lokkit --list-services

Predefined Services with Default Environment:
ipp-client: Network Printing Client (IPP)
    default: desktop
ipp: Network Printing Server (IPP)
mdns: Multicast DNS (mDNS)
    default: desktop
ipsec: IPsec
    default: desktop
ssh: SSH
    default: server
...

To see more verbose output, you can use the -v flag, like below:
# lokkit -s tftp -v
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
iptables: Unloading modules:                               [  OK  ]
ip6tables: Flushing firewall rules:                        [  OK  ]
ip6tables: Setting chains to policy ACCEPT: filter         [  OK  ]
ip6tables: Unloading modules:                              [  OK  ]
iptables: Applying firewall rules:                         [  OK  ]
ip6tables: Applying firewall rules:                        [  OK  ]


