Checking for Open Ports

Listing your firewall rules with iptables -L is the main tool available for checking for open ports. A port is open when one of your ACCEPT rules allows traffic to it. Beyond the iptables -L command, other tools such as netstat are helpful for finding out which ports are listening on the firewall.

netstat has several uses. In the next section, we'll use it to check for active ports so that we can double-check that the TCP and UDP ports in use are the ports that the firewall rules account for.

Just because netstat reports the port as listening or open doesn't mean that it's accessible through the firewall rules. Following this, two third-party port-scanning tools—strobe and nmap—are introduced. These tools should be used from ...
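The cross-check described above, as an added example that is not from the book: it compares the listeners in `netstat -tuln` output against the destination ports named by ACCEPT rules in `iptables -L INPUT -n` output. The function names and both sample outputs are constructed for illustration, and the comparison assumes rules that match only on protocol and destination port (source, interface and user-defined chains are ignored).

```python
import re
# Constructed sample of `netstat -tuln` output (not from a real host).
NETSTAT = """\
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:3306            0.0.0.0:*               LISTEN
tcp6       0      0 :::80                   :::*                    LISTEN
udp        0      0 0.0.0.0:53              0.0.0.0:*
"""
# Constructed sample of `iptables -L INPUT -n` output.
IPTABLES = """\
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            multiport dports 80,443
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:53
"""

def listening(text):
    """(proto, port) pairs for sockets bound to a non-loopback address."""
    found = set()
    for f in map(str.split, text.splitlines()):
        if len(f) < 4 or f[0][:3] not in ("tcp", "udp"):
            continue  # banner and column-header lines
        if f[0][:3] == "tcp" and "LISTEN" not in f:
            continue
        addr, port = f[3].rsplit(":", 1)
        if not (addr.startswith("127.") or addr == "::1"):  # skip loopback-only
            found.add((f[0][:3], int(port)))
    return found

def accepted(text):
    """(proto, port) pairs named by ACCEPT rules: dpt:N, dpts:A:B, dports list."""
    found = set()
    for line in text.splitlines():
        f = line.split()
        m = re.search(r"dpts?:(\S+)|dports (\S+)", line)
        if len(f) < 2 or f[0] != "ACCEPT" or f[1] not in ("tcp", "udp") or not m:
            continue
        for part in (m.group(1) or m.group(2)).split(","):
            lo, _, hi = part.partition(":")
            found.update((f[1], p) for p in range(int(lo), int(hi or lo) + 1))
    return found

def audit(netstat_text, iptables_text):
    """Return (listening with no ACCEPT rule, ACCEPT rules with no listener)."""
    live, allowed = listening(netstat_text), accepted(iptables_text)
    return live - allowed, allowed - live
```

On the sample data, `audit(NETSTAT, IPTABLES)` reports tcp/3306 as listening without a matching ACCEPT rule and tcp/443 as allowed with nothing listening behind it.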

Get Linux Firewalls, Third Edition now with the O’Reilly learning platform.
