How to open or close ports in Linux.
Effectively managing ports on your Linux system is crucial for both security and service accessibility. This comprehensive guide will provide a detailed walkthrough on opening and closing ports using the robust tools iptables and ufw. Understanding these methods is essential for system administrators and users alike.
Firewall configuration is only one part of maintaining a secure and accessible Linux server. The NexonHost knowledge base provides additional guides covering Linux administration, network troubleshooting, security, and server management.
- Understanding iptables:
Before diving into opening and closing ports, let’s take a moment to grasp the fundamentals of iptables.
- View the current iptables rules:
sudo iptables -L -n -v
- Display a detailed snapshot of the firewall:
sudo iptables -S
Firewall rules determine whether traffic is permitted, but they do not confirm that an application is actively accepting connections. Before changing a rule, learn how to check for listening ports ports in use and identify which services are bound to each port.
- Opening Ports with iptables:
To open a specific port, such as port 80 for HTTP traffic, execute the following command:
sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
This command appends a rule to the INPUT chain, permitting TCP traffic on port 80.
After creating an iptables rule, verify that the required port is accessible and that the corresponding service is running correctly. This guide explains how to check for open ports using common Linux networking and port-scanning utilities.
- Closing Ports with iptables:
To close a previously opened port, identify the rule number using the --line-numbers option:
sudo iptables -L INPUT --line-numbers
Then, delete the rule by specifying the rule number (replace X with the actual rule number):
sudo iptables -D INPUT X
These iptables instructions apply specifically to Linux systems and should not be used on Windows servers. Administrators using Windows VPS hosting must manage inbound and outbound ports through Windows Defender Firewall or another compatible security tool.
- Understanding ufw:
ufw simplifies iptables management with a user-friendly interface. Verify the firewall status and default policies:
sudo ufw status verbose
The firewall tools available to you depend on the operating system, administrative access, and server configuration included with your hosting plan. NexonHost provides several hosting products for websites, applications, virtual servers, and workloads requiring configurable network security.
- Opening Ports with ufw:
To open a port, like port 80, using ufw:
sudo ufw allow 80/tcp
This command creates a rule allowing TCP traffic on port 80.
- Closing Ports with ufw:
To close a previously opened port:
sudo ufw delete allow 80/tcp
- Saving Changes:
After making changes, save the iptables rules:
sudo service iptables save sudo service iptables restart
For ufw, reload the rules:
sudo ufw reload
Opening a network port should not be confused with opening a file, directory, or URL from the Linux desktop. For that separate task, follow this guide on how to use xdg open command with the system’s default application.
Advanced Configuration:
Explore advanced configurations such as source IP restrictions and managing outbound traffic:
- Allow traffic from a specific IP:
sudo iptables -A INPUT -p tcp --dport 22 -s 192.168.1.2 -j ACCEPT
- Allow traffic on a specific interface:
sudo iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT
Advanced firewall rules control which connections are permitted, but they do not change the server’s bandwidth allowance. For Windows-based applications that regularly transfer large amounts of data, an unmetered Windows VPS can provide predictable traffic usage without metered bandwidth restrictions.
Conclusion:
This comprehensive guide provides a detailed walkthrough of opening and closing ports in Linux using iptables and ufw. System administrators and users are encouraged to understand the commands and adapt them according to their system’s configuration and security requirements.
Always exercise caution when modifying firewall rules, and tailor the provided examples to meet the specific needs of your Linux environment.


