Socket connection to port fails despite port open / listening !

Hi all,

I have opened port 5129 on 2 linux machines (CENTOS) and they are
listening - 1 machine accepts socket connections from a third windows
machine (all on same network) and the 1 doesnt !! What can I check ?

1- I ran this to verify ports:
open(PRTCP,'/proc/net/tcp');while(<PRTCP>){
chomp;next if/^\s*$/;s/^\s*//;s/\s*$//;next
if/^sl/;split/\s+/;@p=split':',$_[1];$h{hex
$p[1]}=$_[7];}foreach(sort{$a<=>$b}keys%h){
print$_,"\t",[getpwuid($h{$_})]->[0],"\n"};

RESULT: 5129 jack

2- "netstat -tap" shows its listening :
tcp 0 0 *:51295
*:* LIST
EN 7379/jacksprogram

3- iptables:
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -
j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 5129
-j ACCEPT
COMMIT

On Dec 19, 8:33 am, Jack <jack_posem...@yahoo.com> wrote:
> Hi all,
>
> I have opened port 5129 on 2 linux machines (CENTOS) and they are
> listening - 1 machine accepts socket connections from a third windows
> machine (all on same network) and the 1 doesnt !! What can I check ?
>
> 1- I ran this to verify ports:
> open(PRTCP,'/proc/net/tcp');while(<PRTCP>){
> chomp;next if/^\s*$/;s/^\s*//;s/\s*$//;next
> if/^sl/;split/\s+/;@p=split':',$_[1];$h{hex
> $p[1]}=$_[7];}foreach(sort{$a<=>$b}keys%h){
> print$_,"\t",[getpwuid($h{$_})]->[0],"\n"};
>
> RESULT: 5129 jack
>
> 2- "netstat -tap" shows its listening :
> tcp 0 0 *:51295
> *:* LIST
> EN 7379/jacksprogram
>
> 3- iptables:
> :INPUT ACCEPT [0:0]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [0:0]
> :RH-Firewall-1-INPUT - [0:0]
> -A INPUT -j RH-Firewall-1-INPUT
> -A FORWARD -j RH-Firewall-1-INPUT
> -A RH-Firewall-1-INPUT -i lo -j ACCEPT
> -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
> -A RH-Firewall-1-INPUT -p 50 -j ACCEPT
> -A RH-Firewall-1-INPUT -p 51 -j ACCEPT
> -A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
> -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
> -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
> -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
> -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -
> j ACCEPT
> -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
> -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 5129
> -j ACCEPT
> COMMIT

typocorrection to above, its port 5129, not 51295 - What else can I
check ? A firewall config ? Something blocking TCP packets ? :
2- "netstat -tap" shows its listening :
tcp 0 0 *:5129
*:* LIST
EN 7379/jacksprogram

Hello,

Jack a écrit :
>
> I have opened port 5129 on 2 linux machines (CENTOS) and they are
> listening - 1 machine accepts socket connections from a third windows
> machine (all on same network) and the 1 doesnt !! What can I check ?
[...]
> -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
> -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 5129
> -j ACCEPT

The rule that accepts TCP connections on port 5129 is after the rule
that rejects everything, so it is useless.