How to open a port on Linux
Introduction
Before we learn about opening a port on Linux, let's understand what network ports are. A port is a communication endpoint. Within an operating system, a port lets data packets reach a specific process or network service.
Typically, ports identify a specific network service assigned to them. This can be changed by manually configuring the service to use a different port, but in general, the defaults can be used.
The first 1024 ports (ports 0-1023) are referred to as well-known port numbers and are reserved for the most commonly used services, including SSH (port 22), HTTP and HTTPS (ports 80 and 443), etc. Port numbers above 1024 are referred to as ephemeral ports.
Among ephemeral ports, port numbers 1024-49151 are called the Registered/User Ports. The rest of the ports, 49152-65535, are called Dynamic/Private Ports.
In this tutorial, we will show how we can open an ephemeral port on Linux, since the most common services use the well-known ports.
How to Open Ports in Ubuntu / Debian
Enabling UFW on Ubuntu / Debian
If you do not know how to install Firewall with UFW, you can refer to the following instructions:
https://green.cloud/docs/how-to-set-up-a-firewall-with-ufw-on-debian-10/
https://green.cloud/docs/how-to-set-up-a-firewall-with-ufw-on-ubuntu-2004/
We are told in the official UFW documentation that UFW is disabled by default. So, we can check this by running the following command
ufw status
You will most likely get an output screen similar to this one
So, the first step before working with UFW is to enable it. To do this, run
ufw enable
If you check the status of the service again then you should get the following output
Status: active
With this, we now have UFW active on the system. Now we can start working with it and open the ports we need.
Open ports in Ubuntu / Debian with UFW
With UFW we can start opening ports. There are several ways to do this, but all of them are equally easy to do.
Before starting, it is always good to be careful with the ports you are going to open. Many applications can use an open port, and so it can become a serious security hole.
So, if your computer runs database services, SSH or FTP, you may need to open ports; otherwise, I don't recommend it.
Let’s go for it.
To open a port with UFW we have to follow this basic syntax
ufw allow <port>
For example, if we want to open port 80, which is where HTTP works
ufw allow 80
You will get an output screen similar to this one
Rule added
Rule added (v6)
In this case, port 80 has been opened in both TCP and UDP protocols.
Also, it is possible to specify the protocol and port to be opened. This is very useful to further control the traffic.
If, for example, you want to open port 85 but only for the TCP protocol, then you have to run
ufw allow 85/tcp
Or in the case of UDP
ufw allow 85/udp
In both cases, you will get an output screen similar to this one
Rule added
Rule added (v6)
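A rule added without a protocol accepts both TCP and UDP, so it is worth listing such rules and narrowing them to the protocol the service actually uses. The following is an added example, not part of the original tutorial: the sample `ufw status` output is constructed, and the function names `sample_status` and `unscoped_allows` are hypothetical.

```shell
#!/bin/sh
# Constructed sample: what `ufw status` would show after `ufw allow 80`,
# `ufw allow 85/tcp` and `ufw allow ssh` from this tutorial.
sample_status() {
cat <<'EOF'
Status: active

To                         Action      From
--                         ------      ----
80                         ALLOW       Anywhere
85/tcp                     ALLOW       Anywhere
22/tcp                     ALLOW       Anywhere
80 (v6)                    ALLOW       Anywhere (v6)
85/tcp (v6)                ALLOW       Anywhere (v6)
22/tcp (v6)                ALLOW       Anywhere (v6)
EOF
}

# Read `ufw status` text on stdin and print every port that is ALLOWed
# without a /tcp or /udp suffix, i.e. open on both protocols.
unscoped_allows() {
    awk '
        # Rule rows start with a bare port number; headers and blank lines do not.
        $1 ~ /^[0-9]+$/ {
            # IPv6 rows carry "(v6)" as the second field, so the action is the third.
            action = ($2 == "(v6)") ? $3 : $2
            # Report each port once, even if it has an IPv4 and an IPv6 row.
            if (action == "ALLOW" && !seen[$1]++) print $1
        }
    '
}

# Demo on the constructed sample; on a live host: ufw status | unscoped_allows
sample_status | unscoped_allows
```

For each port it prints, the broad rule can be replaced with a protocol-specific one using the `ufw allow <port>/tcp` or `ufw allow <port>/udp` syntax shown above.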
Open ports in Ubuntu / Debian by specifying the system service
Some services and profiles are defined in UFW. These services use a specific port, so we can also open ports using this method. The difference is that we have to know which port each service uses, so if you are just starting with Linux, it may not be convenient.
So, to open ports using this method, we need to use this syntax
ufw allow <service-name>
For example,
ufw allow ssh
And you will get the following output
Rule added
Rule added (v6)
So, in this case, it will open port 22, which is the port used by SSH.
If you want to know which other services you can use, you can check them by running the following command
less /etc/services
That's how simple it is to do.
Deny access to ports
Now I will show you the reverse process. The syntax is similar and we just need to change allow to deny, for example.
ufw deny 80
And in this case, port 80 is restricted on both TCP and UDP.
Also, you can specify the protocol in a similar way to the above process.
ufw deny 80/tcp
Or
ufw deny 80/udp
How To Open A Port In CentOS
1. Check Port Status
Check that the port is not open and that Apache is not showing that port (example: open port 25):
# netstat -na | grep 25
2. Check Port Status in iptables
Check that iptables is not showing that port open:
# iptables-save | grep 25
3. Open firewall ports
So let's add this new port to our system iptables rules, using the iptables command.
If this command is not yet installed, get it using your package manager.
4. Check newly added port status
After opening the port, you can check it again with the command:
netstat -tunlp