A port is a communication endpoint used to connect to other systems on a network and to send and receive data packets with them. Generally, an application or process listens on a port and uses it to communicate with other systems. Applications and systems use a combination of IP address and port number to communicate with a process on a different system. By default, all ports are closed on Linux and on other operating systems. Often you may need to open a port in Linux to enable an application or process to listen on it. In this article, we will learn how to open a port in Linux.
How to Open Port in Linux
Here are the steps to open a port in Linux. For our example, we will open port 8000, which is generally closed by default on all systems.
1. List Open Ports
The first step is to check whether the port you need is already open. You can do this by piping the output of the netstat command to the grep command and searching for the line containing the required port number.
netstat -na | grep :[port-number]
The netstat command above lists all sockets with numeric addresses and ports; add the -p option (run as root) to also see the process that owns each one. Here is an example to check if port 8000 is open on your system.
$ netstat -na | grep :8000
If the port is closed, the above command will return no output.
2. Open Port in Linux
There are several ways to open ports in Linux, depending on the kind of firewall set up on your system. Typically, there are three firewall systems on Linux: UFW (Ubuntu), iptables (non-UFW and non-firewalld) and firewalld (CentOS/RHEL). We will look at how to open a port in Linux using each of these utilities.
Using UFW System
You can easily open a port on Ubuntu-based systems using the UFW firewall with the following command.
sudo ufw allow [port-number]
Here is an example to open port 8000.
sudo ufw allow 8000
Alternatively, you can open a port by specifying the service name instead of the port number.
sudo ufw allow [service-name]
In fact, you can even open a port by specifying the protocol name instead of the port number. Here is an example to open port 443 by specifying the HTTPS protocol.
sudo ufw allow https
Lastly, run the following command to enable all the rules.
sudo ufw enable
Using Firewalld
On CentOS and RHEL-based systems, you can use the firewalld utility to control port access. Here is the syntax to open a specific port. The --permanent option ensures that the rules persist even after a system reboot.
sudo firewall-cmd --zone=public --add-port=[port-number]/[protocol] --permanent
Here is an example to open port 8000.
sudo firewall-cmd --zone=public --add-port=8000/tcp --permanent
Using Iptables
Many Linux systems still use iptables, an old but powerful utility to control port access. It allows you to filter IP packets using the kernel firewall. Here is the command to open a port.
sudo iptables -A INPUT -p [protocol] --dport [port] -j ACCEPT
The above command will create an IPv4 rule. To create an IPv6 rule, use the following syntax.
sudo ip6tables -A INPUT -p [protocol] --dport [port] -j ACCEPT
Here is an example to open port 8000 using the TCP protocol.
sudo iptables -A INPUT -p tcp --dport 8000 -j ACCEPT
Please note, the above iptables rules are not persistent and are erased on system reboot. To add persistent firewall rules in iptables, you need to follow these steps.
On Ubuntu/Debian Systems
First, save the iptables rules to a file. Please make sure you use the file names mentioned below as well as their file paths. The redirection has to run as root, so the whole command is wrapped in sudo sh -c.
sudo sh -c 'iptables-save > /etc/iptables/rules.v4'
Similarly, store any IPv6 rules to a file.
sudo sh -c 'ip6tables-save > /etc/iptables/rules.v6'
Then install iptables-persistent package using the following command.
sudo apt install iptables-persistent
Once you have installed the above package, it will automatically reload rules.v4 and rules.v6 at system reboot.
On CentOS/RHEL Systems
Run the following commands to save the iptables rules to files.
sudo sh -c 'iptables-save > /etc/sysconfig/iptables'
sudo sh -c 'ip6tables-save > /etc/sysconfig/ip6tables'
Install iptables-services package.
sudo dnf install iptables-services
Start the service.
sudo systemctl start iptables
Enable the service.
sudo systemctl enable iptables
Save iptables rules.
sudo service iptables save
Restart to enforce the rules.
sudo systemctl restart iptables
Once you have opened ports using any of the above methods, use any of the following commands to list open ports.
netstat -lntu
ss -lntu
netstat -na | grep :8000
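A plain grep for a port number matches any line containing that text, so searching for :80 also matches :8000 and :8080, and a firewall rule alone does not tell you which address the service is bound to. The following added example (not part of the original article) parses `ss -lntu` output for an exact port match and reports the listener's bind scope; the function name listen_scope and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example. The sample below is constructed, not captured from a real host.
# Assumed column layout: Netid State Recv-Q Send-Q Local:Port Peer:Port,
# which is what `ss -lntu` prints when both TCP and UDP are requested.
SAMPLE_SS='Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
udp   UNCONN 0      0      127.0.0.53%lo:53   0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      511    127.0.0.1:8000     0.0.0.0:*
tcp   LISTEN 0      4096   0.0.0.0:8080       0.0.0.0:*
tcp   LISTEN 0      128    [::]:22            [::]:*'

# listen_scope PROTO PORT  (hypothetical helper name)
# Reads ss output on stdin and prints one word:
#   all       a listener on PORT is bound to a wildcard address
#   specific  listeners exist on a specific non-loopback address
#   loopback  listeners exist only on loopback addresses
#   none      nothing listens on exactly PORT for PROTO
listen_scope() {
  awk -v proto="$1" -v port="$2" '
    $1 == proto {
      addr = $5                        # Local Address:Port column
      n = match(addr, /:[0-9]+$/)      # port follows the last colon
      if (!n || substr(addr, n + 1) != port) next   # exact match only
      host = substr(addr, 1, n - 1)
      sub(/%.*/, "", host)             # drop interface suffix such as %lo
      if (host == "0.0.0.0" || host == "*" || host == "[::]") wild = 1
      else if (host ~ /^127\./ || host == "[::1]") loop = 1
      else other = 1
    }
    END {
      if (wild) print "all"
      else if (other) print "specific"
      else if (loop) print "loopback"
      else print "none"
    }'
}

# Live use on a host:  ss -lntu | listen_scope tcp 8000
```

A result of loopback means the firewall rule has no effect on reachability until the service is bound to an external address; a result of all means the port is reachable on every interface the firewall permits.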
In this article, we have learnt how to open a port in Linux. You can use any of the above methods as per your requirements.
Sreeram Sreenivasan loves coding & writing tech articles. He has helped many Fortune 500 companies in the areas of BI & software development. He has more than 10 years of experience in web development, Python, Linux, SQL and database programming.