
Why am I able to telnet to my machine on port 80 when I do not have http or port 80 opened and there are no services listening on port 80?

sudo firewall-cmd --list-all --zone=public

public (active)
  target: default
  icmp-block-inversion: no
  interfaces: em1
  sources:
  services: dhcpv6-client ssh
  ports: 12345/tcp
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:

I've tried to remove the port but it says it's not in the active zone, so shouldn't my telnet connections be rejected?

sudo firewall-cmd --zone=public --remove-port=80/tcp
Warning: NOT_ENABLED: '80:tcp' not in 'public'

I've double-checked and I do not have the iptables service running, only firewalld is running. I still don't understand why the iptables command exists or why the iptables file is updated by firewall-cmd commands.

I even tried the "old school" method of just dropping all incoming traffic with:

sudo iptables --policy INPUT DROP

But still telnet to port 80 comes through.

1 Answer


First of all, you need to find out whether there really are any services listening on port 80. To do this, run as root or with sudo:

netstat -nlp | grep :80

Second, try listing all zones to see which zone port 80 is added to:

firewall-cmd --list-all-zones

And third, in CentOS 7, firewalld acts as a front-end for iptables, which is why you still have the iptables command.
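The two checks from the answer, scripted as an added example (not code from the question or the answer): one function scans `firewall-cmd --list-all-zones` text for every zone whose `ports:` line opens a given port (it does not expand named `services:`, so a zone that opens 80 via the `http` service would need a separate look), and the other scans `ss -tlnp` text (assumed here instead of the answer's `netstat -nlp`) for a process listening on that port. Both inputs below are constructed samples, with 80/tcp placed in a non-active `dmz` zone and nginx listening.

```shell
#!/bin/sh
# Added example: which firewalld zone opens a port, and who listens on it.

# Constructed sample of `firewall-cmd --list-all-zones`: "public" is the
# active zone, but 80/tcp has been added to "dmz".
SAMPLE_ZONES='public (active)
  target: default
  interfaces: em1
  services: dhcpv6-client ssh
  ports: 12345/tcp
  masquerade: no

dmz
  target: default
  interfaces:
  services: ssh
  ports: 80/tcp 443/tcp
  masquerade: no
'

# Constructed sample of `ss -tlnp` (listening TCP sockets with owning process).
SAMPLE_SS='State   Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
LISTEN  0      128    0.0.0.0:22          0.0.0.0:*        users:(("sshd",pid=900,fd=3))
LISTEN  0      511    *:80                *:*              users:(("nginx",pid=1200,fd=6))
'

# zones_with_port PORTSPEC < zones-text
# Prints one zone name per line whose "ports:" line lists PORTSPEC (e.g. 80/tcp).
zones_with_port() {
  awk -v want="$1" '
    /^[^ \t]/ { zone = $1; next }        # an unindented line starts a new zone
    /^[ \t]+ports:/ {                    # indented "ports: a/tcp b/udp ..." line
      for (i = 2; i <= NF; i++) if ($i == want) print zone
    }'
}

# listeners_on_port PORT < ss-text
# Prints the process field of every LISTEN socket bound to PORT on any
# address; prints nothing when no process listens there.
listeners_on_port() {
  awk -v port="$1" '
    $1 == "LISTEN" && $4 ~ ":" port "$" { print $NF }'
}

# On a real host: firewall-cmd --list-all-zones | zones_with_port 80/tcp
#                 ss -tlnp | listeners_on_port 80
printf '%s' "$SAMPLE_ZONES" | zones_with_port 80/tcp    # prints: dmz
printf '%s' "$SAMPLE_SS" | listeners_on_port 80         # prints the nginx process field
```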