Issue with - Linux network services task

Hi Inderpreet/Kodekloud team,

Can someone shed some light on this task and let me know where I'm going wrong?

The task was to check Apache httpd service is not reachable from jump host.

The solution I applied was:

  1. Checked 8080 port was in use by sendmail service. Hence stopped that service and disabled it.
  2. Started httpd service and it got started.
  3. Checked httpd was listening with port 8080.
  4. Added iptables rule and saved it.
  5. Checked from the jump host: the Apache service was still not accessible, and neither was telnet.
  6. Firewalld service was not active.
  7. My email id: [email protected]
    Attaching screenshot for all my above points.


Okay, after some research, I realised my mistake: I had actually inserted my new rule after an existing “REJECT” rule in iptables using the “iptables -A” command.

iptables works in order, starting from top to bottom… so the formula here is: whenever you add a new rule, it should be above a REJECT rule. And how to do that? Here it is.

Always use -I INPUT (hyphen, capital letter I), which always places your new rule at the top.
Avoid using -A INPUT (hyphen, capital A), which simply appends the rule at the end of all rules in the file /etc/sysconfig/iptables.

3 Likes
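The ordering problem described in this thread can be checked mechanically. The script below is an added example, not part of the original posts: it reads `iptables -S INPUT` output and reports whether the ACCEPT rule for a port sits below an unconditional REJECT/DROP rule. The function names `check_port` and `suggest_fix`, the two sample rule sets (constructed), and the assumption that the service is TCP are all illustrative.

```shell
#!/bin/sh
# Added example: detect an ACCEPT rule shadowed by a catch-all REJECT/DROP.
# Both samples are constructed; on a real host pipe in `iptables -S INPUT`.
SAMPLE_APPENDED='-P INPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT'

SAMPLE_INSERTED='-P INPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited'

# check_port PORT: rules on stdin; prints one of
#   reachable N    ACCEPT for PORT is rule N, above any catch-all REJECT/DROP
#   shadowed N M   ACCEPT is rule N, but catch-all REJECT/DROP is rule M < N
#   missing M      no ACCEPT for PORT (M = catch-all rule number, 0 if none)
check_port() {
  awk -v port="$1" '
    $1 != "-A" { next }     # skip the -P policy line
    { n++ }                 # same numbering as iptables -L --line-numbers
    # catch-all: the target follows the chain name with no match options
    !block && $3 == "-j" && ($4 == "REJECT" || $4 == "DROP") { block = n }
    !acc {
      for (i = 3; i < NF; i++)
        if ($i == "--dport" && $(i+1) == port && $0 ~ /-j ACCEPT/) acc = n
    }
    END {
      if (!acc) print "missing", block + 0
      else if (block && block < acc) print "shadowed", acc, block
      else print "reachable", acc
    }'
}

# suggest_fix PORT: if shadowed, print an insert at the catch-all's position
suggest_fix() {
  set -- "$1" $(check_port "$1")
  if [ "$2" = shadowed ]; then
    echo "iptables -I INPUT $4 -p tcp --dport $1 -j ACCEPT"
  fi
}
```

Inserting at the REJECT rule's own number pushes that rule down by one, so the new ACCEPT lands directly above it instead of at the very top of the chain.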