How to Open Ports in Linux Server Firewall
Method 1 of 3:
Using Uncomplicated Firewall for Ubuntu
- Log in to your server. If you're using Ubuntu on your desktop, press Ctrl+Alt+T to open a terminal window.
- Type sudo ufw status verbose and press ↵ Enter. If UFW is already running, you'll see a status message, as well as a list of any firewall rules (including opened ports) that already exist.[1]
- If you see a message that says Status: inactive, type sudo ufw enable at the prompt and press ↵ Enter to start the firewall.
- Use sudo ufw allow [port number] to open a port. For example, if you want to open the SSH port (22), you'd type sudo ufw allow 22 and press ↵ Enter. There's no need to restart the firewall, as the change will take effect immediately.[2]
- If the port you're opening is for a service listed in /etc/services, you just type the service's name instead of the port number. Example: sudo ufw allow ssh.
- To open a specific range of ports, use the syntax sudo ufw allow 6000:6007/tcp, replacing 6000:6007 with the actual range. If the range is UDP ports, replace tcp with udp.
- To specify an IP address that can access the port, use this syntax: sudo ufw allow from 10.0.0.1 to any port 22. Replace 10.0.0.1 with the IP address, and 22 with the port you want to open to that address.
- Delete firewall rules that aren't needed. Any ports that aren't specifically opened are blocked by default. If you open a port and decide you want to close it, use these steps:
- Type sudo ufw status numbered and press ↵ Enter. This displays a list of all firewall rules, each beginning with a number to represent it in the list.
- Identify the number at the beginning of the rule you want to delete. For example, let's say you want to remove the rule that opens port 22, and that rule is listed on line 2.
- Type sudo ufw delete 2 and press ↵ Enter to remove the rule at line 2.
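Added example (not part of the original article): before deleting rules by number, it helps to see which inbound rules accept traffic from any source rather than from one address. The hypothetical helper world_open_rules below parses sudo ufw status numbered output and lists those rules highest number first, because UFW renumbers the remaining rules after each delete. The sample output is constructed.

```shell
#!/bin/sh
# Constructed sample of `sudo ufw status numbered` output (not from a real host).
sample_status() {
cat <<'EOF'
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere
[ 2] 6000:6007/tcp              ALLOW IN    Anywhere
[ 3] 22                         ALLOW IN    10.0.0.1
[ 4] 22/tcp (v6)                ALLOW IN    Anywhere (v6)
EOF
}

# world_open_rules (hypothetical helper name)
# Reads `ufw status numbered` output on stdin and prints
# "<rule number><TAB><port>" for every inbound ALLOW rule whose source column
# is Anywhere. Output is sorted highest rule number first, so the numbers stay
# valid if the rules are deleted one at a time in that order.
world_open_rules() {
    awk '
        /^\[ *[0-9]+\]/ {
            num = $0
            sub(/^\[ */, "", num); sub(/\].*/, "", num)   # "[ 4] ..." -> "4"
            rest = $0
            sub(/^\[ *[0-9]+\] */, "", rest)              # drop the "[ n] " prefix
            n = split(rest, col, /  +/)                   # columns are padded with 2+ spaces
            # col[1] = To, col[2] = Action, col[3] = From
            if (n >= 3 && col[2] == "ALLOW IN" && col[3] ~ /^Anywhere/)
                print num "\t" col[1]
        }' | sort -rn
}

# Demo on the constructed sample; on a real host: sudo ufw status numbered | world_open_rules
sample_status | world_open_rules
```

Rule 3 is not listed because it only admits 10.0.0.1; the others are candidates for either a source restriction or removal.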
Method 2 of 3:
Using ConfigServer Firewall
- Log in to your server. If you're not logged in as the root user, you can su to root to adjust your configuration.
- Go to the directory that contains your CSF config file. The file is called csf.conf, and it's saved to /etc/csf/csf.conf by default.[3] To do this, type cd /etc/csf and press ↵ Enter.
- Open csf.conf in a text editor. You can use any text editor you wish, such as vim or nano.
- To open csf.conf in vim, type vim csf.conf and press ↵ Enter.
- Add an incoming port to the TCP_IN list. Once you have the file open, you will see TCP_IN and TCP_OUT sections. The TCP_IN section lists open inbound TCP ports separated by commas. The ports are in numerical order to make things easy, but you're not required to stick to that order. You can add ports to the end of the sequence; just separate them with commas.
- For example, let's say you want to open port 999, and the current open ports are 20, 21, 22, 25, 53, 80, 110, 143, 443, 465, 587, 993, 995.
- After adding port 999 to the list, it will look like this: 20, 21, 22, 25, 53, 80, 110, 143, 443, 465, 587, 993, 995, 999.
- To get into insertion/typing mode in vim, press the i key on the keyboard.
- Add outgoing TCP ports to the TCP_OUT list. Just as you did with the incoming port, add any outbound TCP ports you'd like to open to the TCP_OUT list.
- Save your changes and exit the file. Follow these steps to save and exit the file:
- Press the Esc key.
- Type :wq!.
- Press ↵ Enter.
- Type service csf restart and press ↵ Enter. This restarts the firewall and opens the new ports.
- To deny a port, re-open the file, delete the port, save the file, and then re-start the firewall.
Method 3 of 3:
Using Advanced Policy Firewall
- Log in to your server. If you're not logged in as the root user, you can su to root to adjust your configuration.
- Go to the directory that contains your APF config file. The file you're looking for is called conf.apf, and it'll be in /etc/apf by default.[4] Type cd /etc/apf to enter that directory.
- Open conf.apf in a text editor. You can use any text editor you wish, such as vim or nano.
- To open conf.apf in vim, you'd type vim conf.apf and press ↵ Enter.
- Add inbound ports to the IG_TCP_CPORTS list. Once you have the file open, you will see IG_TCP_CPORTS and EG_TCP_CPORTS sections. The IG_TCP_CPORTS section lists open inbound ports separated by commas. The ports are listed in numerical order to make things easy, but you're not required to stick with that order. You can add ports to the end of the sequence; just separate them with commas.
- For example, let's say you want to open port 999, and the current open ports are 20, 21, 22, 25, 53, 80, 110, 143, 443, 465, 587, 993, 995.
- After adding port 999 to the IG_TCP_CPORTS list, it will look like this: 20, 21, 22, 25, 53, 80, 110, 143, 443, 465, 587, 993, 995, 999.
- To get into insertion/typing mode in vim, press the i key on the keyboard.
- Add outbound ports to the EG_TCP_CPORTS list. Just as you did with the incoming port, add any outbound TCP ports you'd like to open to the EG_TCP_CPORTS list.
- Save your changes and exit the file. Follow these steps to save and exit the file:
- Press the Esc key.
- Type :wq!.
- Press ↵ Enter.
- Type apf -r and press ↵ Enter. This restarts the APF firewall and opens the new ports.
- To deny a port, re-open the file, delete the port, save the file, and then re-start the firewall.
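Added example (not part of the original article, and not CSF or APF project code): the manual edits to TCP_IN in csf.conf (Method 2) and IG_TCP_CPORTS in conf.apf (Method 3) can be scripted so that the port is validated, never added twice, and the previous file is kept for rollback. The helper name add_port is hypothetical, and the script assumes each list is stored on one line as KEY = "list" or KEY="list"; the sample file is constructed.

```shell
#!/bin/sh
# add_port FILE KEY PORT   (hypothetical helper, not part of CSF or APF)
# Appends PORT to the comma-separated list assigned to KEY in FILE.
# Assumed line formats:  TCP_IN = "20,21,22"   or   IG_TCP_CPORTS="22"
# Returns 0 if added, 1 if already listed, 2 on a bad port or missing key.
add_port() {
    file=$1 key=$2 port=$3
    # Accept only a plain decimal port in 1-65535 (no leading zero, no range).
    case $port in ''|0*|*[!0-9]*|??????*) return 2 ;; esac
    [ "$port" -le 65535 ] || return 2
    line=$(grep -E "^$key *= *\"" "$file" 2>/dev/null | head -n 1)
    [ -n "$line" ] || return 2
    list=${line#*\"}; list=${list%\"*}        # text between the quotes
    # Exact-match check only: a port covered by a range entry is not detected.
    case ",$(printf '%s' "$list" | tr -d ' ')," in
        *",$port,"*) return 1 ;;
    esac
    if [ -n "$list" ]; then new="$list,$port"; else new=$port; fi
    cp -p "$file" "$file.bak"                 # keep the previous config for rollback
    sed -E "s/^($key *= *)\"[^\"]*\"/\1\"$new\"/" "$file.bak" > "$file"
}

# Demo on a constructed file that mixes both styles for illustration only.
demo=$(mktemp)
cat > "$demo" <<'EOF'
TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995"
TCP_OUT = "20,21,22,25,53,80,110,113,443"
IG_TCP_CPORTS="22"
EOF
add_port "$demo" TCP_IN 999
add_port "$demo" IG_TCP_CPORTS 999
cat "$demo"
rm -f "$demo" "$demo.bak"
```

The firewall still has to be restarted as in the steps above before the new port takes effect, and the .bak copy can be restored if the change needs to be undone.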