How to add firewall exceptions in Unix for EBS application-related ports or any other ports
=================================================================
Log in as the root user and issue the commands below:
iptables -I INPUT -p tcp --dport 8020 --syn -j ACCEPT
service iptables save
iptables -I INPUT -p tcp --dport 1541 --syn -j ACCEPT
service iptables save
iptables -I INPUT -p tcp --dport 7021 --syn -j ACCEPT
service iptables save
Note: In the above example, 8020 is my EBS port, 1541 is my database port and 7021 is the WebLogic port.
Save the current rules to /etc/iptables.conf:
iptables-save > /etc/iptables.conf
==============================================================
Add the following command to /etc/rc.local to reload the rules on every reboot:
iptables-restore < /etc/iptables.conf
The file will look like this after editing:
cat /etc/rc.local
#!/bin/sh
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.
touch /var/lock/subsys/local
iptables-restore < /etc/iptables.conf
If the above line is not added, you will have to issue these commands every time the server is rebooted.
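Before relying on the reboot hook, it helps to confirm that the saved file really contains the rules. The following is an added example, not part of the original post: a shell function (the name audit_rules is hypothetical) that reads an iptables-save dump and reports, for each port, whether an ACCEPT rule was saved and which source it allows. The sample dump and the 10.0.0.0/24 subnet are constructed for illustration.

```shell
#!/bin/sh
# audit_rules FILE PORT... : read an iptables-save dump and report, per TCP
# port, whether an INPUT ACCEPT rule is persisted and which source it allows.
audit_rules() {
    file=$1; shift
    awk -v ports="$*" '
        BEGIN { n = split(ports, want, " ") }
        $1 == "-A" && $2 == "INPUT" {
            dport = ""; src = "any"; target = ""
            for (i = 3; i < NF; i++) {
                if ($i == "--dport") dport = $(i + 1)
                if ($i == "-s")      src = $(i + 1)
                if ($i == "-j")      target = $(i + 1)
            }
            if (target != "ACCEPT") next
            # A port stays "any" once one unrestricted rule has been seen.
            if (dport != "" && seen[dport] != "any") seen[dport] = src
            # --syn rules pass only the first packet; the rest of the
            # connection needs an ESTABLISHED accept rule.
            if ($0 ~ /ESTABLISHED/) established = 1
        }
        END {
            for (k = 1; k <= n; k++) {
                p = want[k]
                if (p in seen) print p, "ACCEPT", "source=" seen[p]
                else           print p, "MISSING"
            }
            print "established-rule", (established ? "present" : "MISSING")
        }
    ' "$file"
}

# Constructed sample dump (not from the original page): 1541 is limited to a
# made-up subnet, 8020 is open to any source, 7021 was never saved.
sample_rules() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 10.0.0.0/24 -p tcp -m tcp --dport 1541 --tcp-flags FIN,SYN,RST,ACK SYN -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8020 --tcp-flags FIN,SYN,RST,ACK SYN -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

tmp=$(mktemp)
sample_rules > "$tmp"
audit_rules "$tmp" 8020 1541 7021
rm -f "$tmp"
```

On the server itself, the call would be audit_rules /etc/iptables.conf 8020 1541 7021. A port reported with source=any is reachable from every host that can route to the server.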
==============================================================
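Checking that the application URL is working from Unix:
The command below, run from Unix, tells you whether the URL is accessible. The -i option makes curl include the response headers, so the first line of output is the HTTP status line that grep tests:
curl -i "http://erpprod.skydubai.com:8020/OA_HTML/AppsLogin" | head -n 1 | grep "HTTP/1.[01] [23].."
curl prints its progress meter as shown below; when the URL answers with a 2xx or 3xx status, grep also prints the matching status line: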
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
105 315 0 315 0 0 8569 0 --:--:-- --:--:-- --:--:-- 8750
This curl command can be useful for troubleshooting, daily health checks or monitoring scripts, to make sure you receive alerts when the application is down.