Ports open/closed? and timeouts

Discussion in 'Linux Networking' started by Steve Wolf, Sep 26, 2012.

  1. Steve Wolf (Guest)

    We use a Linux computer for our gateway.

    I believe it is based on CentOS (if I have that right).
    We have been having trouble with a company that hosts a DB for us. There are regular connects and disconnects reported by their software.

    I have a number of questions, if I may, that I would like to ask.

    How do I know what outgoing and incoming ports are open?
    I was told that the ports are already open.

    Secondly, they have suggested that I increase the timeout to 30+ minutes for testing.

    So really what I want to know is:

    1. How can I see what ports are open outbound and inbound?

    2. How do I increase the timeout for these ports?

    Thanks.
    Steve Wolf, Sep 26, 2012
    #1

  2. Steve Wolf wrote:
    [...]
    netstat -anp shows who's listening where.
    /etc/inetd.conf tells you who gets called by inetd.

    nmap yourself from some remote machine.

    'Outbound' ports are assigned dynamically
    (there's no port 21 to port 21 connection).
    A 'server' or 'listener' listens forever.

    Not sure about your question here....

    -rasp
     
    Ralph Spitzner, Sep 27, 2012
    #2

  3. Depends what you need to know. To check open ports use netstat -an, adding
    | grep LISTEN if you wish, then check whether it is firewalled using
    iptables: iptables -L

    This should give you a list of filtered ports.

    That's bad on IP; surely they mean 30 seconds? Bad move.
    If you get hanging ports the chances of a DoS attack are higher..

    I would first check what port the DB is connecting to, probably 3306 or
    something similar.
    The fact that you said it was connecting would suggest that the ports are open;
    make sure you have no firewall rule causing the issue.

    Routing could also be a problem. Make sure the gateway has correct
    routing defined within the routing table and you can ping each end of
    your link with a decent time. This in fact is the likely cause of speed
    issues..

    Good luck
     
    Simon Quantrill, Sep 27, 2012
    #3
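As an added worked example (editorial, not code posted in the thread), here is how to turn the two checks suggested in the replies above, netstat for listening sockets and iptables for the firewall verdict, into something you can reason about. The netstat and iptables output below is constructed sample data so the script runs offline; the interface names eth0/eth1 and the rules are assumptions. iptables -S prints the same rules as iptables -L, in rule-specification form, which is easier to read than the "anywhere" columns. The security point for a gateway: whether a port is "open" for traffic you forward is decided by the first matching rule in the FORWARD chain (or its policy), not by whether anything on the box itself listens on that port; INPUT only governs connections to the gateway itself.

```shell
#!/bin/sh
# Added example, not code from the thread. Two questions from the posts above,
# answered against constructed sample output so it runs offline:
#   1. which sockets is the gateway itself listening on (netstat -an)
#   2. what the firewall will do to a NEW connection to a given port
#      (iptables -S, the rule-specification form of what `iptables -L` prints)

# Sample 1: constructed `netstat -an` output from a Linux box.
NETSTAT_SAMPLE='Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp        0      0 198.51.100.7:22         203.0.113.40:53122      ESTABLISHED
tcp6       0      0 :::80                   :::*                    LISTEN
udp        0      0 0.0.0.0:123             0.0.0.0:*'

# Sample 2: constructed `iptables -S` output for a NAT gateway. eth1 = LAN,
# eth0 = WAN (assumed). Two LAN->WAN rules use the ports named in the thread.
IPTABLES_SAMPLE='-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth1 -o eth0 -p tcp -m tcp --dport 1494 -j ACCEPT
-A FORWARD -i eth1 -o eth0 -p tcp -m tcp --dport 2598 -j REJECT --reject-with tcp-reset
-A FORWARD -i eth1 -o eth0 -p udp -j ACCEPT'

# listening_sockets: the "open ports" on the box itself. Only LISTEN sockets and
# bound UDP sockets count; ESTABLISHED lines are clients or accepted connections.
listening_sockets() {
    printf '%s\n' "$NETSTAT_SAMPLE" | awk '
        $1 ~ /^tcp/ && $6 == "LISTEN" { print $1, $4 }
        $1 ~ /^udp/                   { print $1, $4 }'
}

# port_verdict CHAIN PROTO PORT: first-match walk of CHAIN for a fresh SYN (or
# first UDP datagram) to PORT. Rules carrying --ctstate/--state are skipped,
# since a NEW packet does not match RELATED,ESTABLISHED; interface matches
# (-i/-o) are assumed to match (simplification). Falls back to the chain policy.
# On a gateway the forwarded DB traffic is judged by FORWARD, not INPUT.
port_verdict() {
    printf '%s\n' "$IPTABLES_SAMPLE" | awk -v c="$1" -v pr="$2" -v po="$3" '
        $1 == "-P" && $2 == c { policy = $3 }
        $1 == "-A" && $2 == c {
            p = ""; dp = ""; stateful = 0; target = ""
            for (i = 3; i <= NF; i++) {
                if ($i == "-p") p = $(i + 1)
                else if ($i == "--dport") dp = $(i + 1)
                else if ($i == "--ctstate" || $i == "--state") stateful = 1
                else if ($i == "-j") target = $(i + 1)
            }
            if (stateful) next
            if (p != "" && p != pr) next
            if (dp != "" && dp != po) next
            print target " (rule: " $0 ")"; found = 1; exit
        }
        END { if (!found) print policy " (chain policy)" }'
}

# Usage: what listens locally, then the verdict for the thread's ports.
listening_sockets
port_verdict FORWARD tcp 1494
port_verdict FORWARD tcp 2598
port_verdict INPUT tcp 1494
```

On the real gateway, replace the two sample strings with `netstat -an` and `iptables -S` output (and remember `-t nat` for the MASQUERADE/DNAT rules, which this walk does not evaluate). Confirming the verdict from the outside with nmap from a remote host, as suggested above, is the check that catches rules in chains you forgot to read.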
  4. Steve Wolf (Guest)

    OK, I'm confused by a number of things. Perhaps y'all can help me sort it out.
    The ports I need open are the following.

    Is it true that 443 is inbound and the rest are outbound?
    443, 1494, 2598

    It has been indicated to me that all outbound ports are open.

    When I use the command
    netstat -ap
    I think, and please correct me if I'm wrong, that this will only list established connections and listening ports, e.g. software on the server that is listening. However, in my case I'm using Windows and just going through the Linux box as a firewall. In either case, when I type
    netstat -ap | grep 1494
    or
    netstat -ap | grep 2598
    I get nothing. This tells me that the ports are not open.
    BUT elsewhere I have been told that all the outbound ports are open. And the software does work (as someone mentioned here), proving to me that the ports ARE OPEN. Can someone clarify this for me?

    I'm not sure how to interpret the command
    iptables -L
    I certainly see a lot of "anywhere"s. Where would I look to see if all the outbound ports are open?
     
    Steve Wolf, Sep 27, 2012
    #4
  5. Jorgen Grahn (Guest)

    On Thu, 2012-09-27, Steve Wolf wrote:

    Please wrap your lines so I don't have to do it for you.

    ....
    Right -- if you have some sort of router or gateway or firewall which
    happens to run Linux, the TCP/UDP ports which are open or not there
    are irrelevant. A port is "open" when a local application is using it.

    The question is: what does that box *really do*? If it does NAT, then
    it has to keep track along the lines of:

    A   inside    +------+   internet
    B   ------->  |      |  ------->
    C             +------+

    "Oh, host A on the inside is sending a TCP SYN through me. Since I
    have to replace the source address (since I do NAT) I have to remember
    this, to be able to forward the responses back to A."

    Or something. Anyway, the router has to keep track. And because it
    has to keep track, it also has to have a strategy for when to
    *forget*, or it will eventually run out of memory.

    It sounds as if someone believes the forgetting is based on an idle
    timeout setting in the router, and is asking you to increase that
    timeout.
    Not enough context, sorry.

    /Jorgen
     
    Jorgen Grahn, Sep 27, 2012
    #5
  6. Steve Wolf (Guest)

    Thanks.
    I didn't make the connection between the idle time and the NAT. I have learned that on this OS I think the idle time is set in
    /proc/sys/net/ipv4/ip_conntrack_max
    Mine is set to 65536.
    I don't know anything about this file and can't seem to find any real definition for it, although there are many messages about changing it to the number which is my default. If it is seconds then my math tells me it's 18 hours of idle time. Am I right? Does anyone know?

    I'm still going to ask the questions, primarily for my inquisitive mind.
    If I run some command while the software is transferring data, shouldn't I see the port opening and closing? I mean, the various commands that I mentioned above do show some ports; why can't I see those that are being used by the DB?
    Regards
     
    Steve Wolf, Sep 27, 2012
    #6
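Added example, not from the thread: on a NAT gateway the forwarded DB connections never show up in netstat, because no local process owns them; they live in the connection-tracking table (/proc/net/nf_conntrack, or /proc/net/ip_conntrack on older kernels), which is where the "port opening and closing" asked about above can actually be watched. The number that governs how long an idle flow is remembered is also a separate sysctl from the one named in the post above: ip_conntrack_max / nf_conntrack_max is the maximum number of tracked entries, while nf_conntrack_tcp_timeout_established (ip_conntrack_tcp_timeout_established on older kernels) is the idle timeout in seconds, 432000 (5 days) by default. The conntrack lines below are constructed sample data using the thread's ports and documentation addresses; the optional ROOT argument is an assumption added so the sysctl lookups can be pointed at a fake tree offline.

```shell
#!/bin/sh
# Added example, not code from the thread. Shows what a NAT gateway actually
# "sees" for forwarded flows (the conntrack table, not netstat) and puts the
# table-size limit and the idle timeout side by side so they are not confused.

# Constructed sample of /proc/net/nf_conntrack lines. Field 5 is the seconds
# left before the entry is forgotten; for tcp, field 6 is the state. The first
# src=/dst=/sport=/dport= group is the original (inside -> outside) direction.
CONNTRACK_SAMPLE='ipv4     2 tcp      6 431999 ESTABLISHED src=192.168.1.10 dst=203.0.113.5 sport=49152 dport=1494 src=203.0.113.5 dst=198.51.100.7 sport=1494 dport=49152 [ASSURED] mark=0 use=2
ipv4     2 tcp      6 7 SYN_SENT src=192.168.1.10 dst=203.0.113.5 sport=49160 dport=2598 [UNREPLIED] src=203.0.113.5 dst=198.51.100.7 sport=2598 dport=49160 mark=0 use=2
ipv4     2 tcp      6 119 TIME_WAIT src=192.168.1.22 dst=203.0.113.9 sport=50001 dport=443 src=203.0.113.9 dst=198.51.100.7 sport=443 dport=50001 [ASSURED] mark=0 use=2
ipv4     2 udp      17 29 src=192.168.1.10 dst=192.168.1.1 sport=51000 dport=53 src=192.168.1.1 dst=192.168.1.10 sport=53 dport=51000 mark=0 use=2'

# flows_to_port PORT: list tracked flows whose original-direction destination
# port is PORT, with the time left before conntrack drops the entry.
flows_to_port() {
    printf '%s\n' "$CONNTRACK_SAMPLE" | awk -v p="$1" '
    {
        state = ($3 == "tcp") ? $6 : "-"
        src = dst = dport = ""
        for (i = 1; i <= NF; i++) {
            split($i, kv, "=")
            if (kv[1] == "src"   && src   == "") src   = kv[2]
            if (kv[1] == "dst"   && dst   == "") dst   = kv[2]
            if (kv[1] == "dport" && dport == "") dport = kv[2]
        }
        if (dport == p)
            printf "%s %s %s -> %s:%s expires_in=%ss\n", $3, state, src, dst, dport, $5
    }'
}

# conntrack_sysctl NAME [ROOT]: read a conntrack tunable, trying the modern
# nf_conntrack path first, then the old ip_conntrack paths used by CentOS 5
# era kernels. ROOT is prepended so the function can be aimed at a fake tree
# for offline testing (an assumption; leave it empty on a real gateway).
conntrack_sysctl() {
    name="$1"; root="${2:-}"
    for f in "$root/proc/sys/net/netfilter/nf_conntrack_$name" \
             "$root/proc/sys/net/ipv4/netfilter/ip_conntrack_$name" \
             "$root/proc/sys/net/ipv4/ip_conntrack_$name"; do
        [ -r "$f" ] && { cat "$f"; return 0; }
    done
    echo "no conntrack sysctl for $name" >&2
    return 1
}

# conntrack_report [ROOT]: "table=COUNT/MAX established_idle_timeout=SECs (Hh)".
# *_max is the size of the table; the timeout is how long an idle ESTABLISHED
# flow is kept. Raising the former does nothing for disconnects caused by the
# latter, and vice versa.
conntrack_report() {
    root="${1:-}"
    max=$(conntrack_sysctl max "$root") || return 1
    count=$(conntrack_sysctl count "$root") || return 1
    t=$(conntrack_sysctl tcp_timeout_established "$root") || return 1
    printf 'table=%s/%s established_idle_timeout=%ss (%sh)\n' \
        "$count" "$max" "$t" $((t / 3600))
}

# Usage: watch the thread's two ports, then the limits on this box
# (the report needs a Linux kernel with conntrack loaded; otherwise it is skipped).
flows_to_port 1494
flows_to_port 2598
conntrack_report || true
```

Run `flows_to_port` against `cat /proc/net/nf_conntrack` (or `conntrack -L` from conntrack-tools) while the DB client is active and the entries for 1494/2598 appear and age out in front of you. If the established timeout on a real gateway is already far above 30 minutes, the disconnects are unlikely to be that timer: look instead at the much shorter unreplied/SYN timeouts, the UDP timeout, the table filling up (count near max produces "nf_conntrack: table full, dropping packet" in the kernel log), or a stateful device upstream of the gateway.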
