Every application and service that needs network connectivity uses specific endpoints to connect and communicate with other services. There are 65,536 such endpoints in any Linux system, known as “ports.” In this article, we will discuss different methods to open a port in Linux.
How to Check Port Status in Linux
Before you open a port for an application to use, check the port status to avoid a conflict with a service that is already listening on it. To list all listening ports on the system, use the netstat command in Linux:
netstat -l -n -t -u
In the above command, here is what each parameter means:
- -l lists all ports set to listening mode (accepting incoming connections)
- -n prints addresses and port numbers in numeric form instead of resolving them to names
- -t lists all ports accepting TCP connections
- -u lists all ports accepting UDP connections
When you run this command in the Terminal, it prints one row for each listening socket.
Here, notice the fifth column with the name Local Address. This number signifies the local address through which any incoming connection is accepted. The number after the colon symbol signifies the open port for any incoming connections on your Linux system.
If netstat is not installed in your system, you can use the ss command in Linux. It gives you a similar output, and the port number is shown in the last column after the colon. Here’s what the syntax for the ss command looks like:
ss -l -n -t -u
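The check described above can be scripted. The following is an added example, not part of the original article: it parses ss output and reports whether a port is free and, if not, whether the listener is bound to loopback or to all interfaces. The function names and the sample data are assumptions made for illustration, and it expects ss to be run with both -t and -u, as above, so that the protocol column is present.

```shell
#!/bin/sh
# Added example: classify listeners in `ss -l -n -t -u` output by port and bind scope.

# Constructed sample of ss output (header row omitted; it would be skipped anyway).
SAMPLE_SS='udp UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:*
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
tcp LISTEN 0 4096 127.0.0.1:5432 0.0.0.0:*
tcp LISTEN 0 511 [::]:8080 [::]:*
tcp LISTEN 0 128 [::1]:631 [::]:*'

# list_listeners (hypothetical helper): read ss output on stdin and
# print one "proto port address scope" line per listening socket.
list_listeners() {
    awk '
    $1 == "tcp" || $1 == "udp" {
        local_addr = $5
        # The port follows the LAST colon, because IPv6 addresses contain colons.
        n = split(local_addr, parts, ":")
        port = parts[n]
        addr = substr(local_addr, 1, length(local_addr) - length(port) - 1)
        scope = "specific"
        if (addr ~ /^127\./ || addr == "[::1]")
            scope = "loopback"
        else if (addr == "0.0.0.0" || addr == "[::]" || addr == "*")
            scope = "all-interfaces"
        print $1, port, addr, scope
    }'
}

# port_scope PROTO PORT (hypothetical helper): print the bind scope of the
# listener on PROTO/PORT, or "free" when nothing is listening there.
port_scope() {
    list_listeners | awk -v proto="$1" -v port="$2" '
        $1 == proto && $2 == port { print $4; found = 1; exit }
        END { if (!found) print "free" }'
}

# Demo on the constructed sample; on a live system use: ss -l -n -t -u | port_scope tcp 8080
printf '%s\n' "$SAMPLE_SS" | port_scope tcp 8080
```

A listener reported as loopback is not reachable from other hosts, so a firewall rule for that port has no effect until the service itself binds to an external address.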
How to Open Ports in Linux
Once you have verified the port you want to open is not in use already, you can now proceed to open it. Follow the steps specific to different Linux distros:
Ubuntu-based Systems
UFW, which stands for Uncomplicated Firewall, is a tool used to manage firewall rules. Use this syntax to add a new rule to open the port:
sudo ufw allow <port_number>/<protocol>
For example, to open port 8080 for incoming TCP connections in your Linux system, use the following command:
sudo ufw allow 8080/tcp
Now, check the status of UFW using:
sudo ufw status numbered
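If it says inactive, enable it with the command below. If you are connected over SSH, add a rule that allows your SSH port first, because enabling UFW may disrupt existing SSH connections: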
sudo ufw enable
And again check the status of UFW. This time you will see the opened port in the output.
CentOS-based Systems
Firewalld, which stands for Firewall-Daemon, is an advanced firewall rules management tool. Before modifying any rules to open any port on your Linux system, always check its status using the following command:
sudo systemctl status firewalld
If it says inactive, you need to start the firewall daemon and enable it at boot using the following command:
sudo systemctl enable --now firewalld
Now, use this syntax to add a new rule to open a port specific to a protocol:
sudo firewall-cmd --add-port=<port_number>/<protocol>
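For example, to open port 8080 for incoming TCP connections, use the command below. A rule added this way changes only the runtime configuration and is lost when firewalld is reloaded or the system reboots; firewall-cmd's --permanent option writes the rule to the permanent configuration, which takes effect after a reload: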
sudo firewall-cmd --add-port=8080/tcp
Other Linux Distributions
Every Linux distribution comes preinstalled with iptables, a versatile tool used to manage firewall rules and open ports. To allow TCP traffic on port 8080 on other Linux distros, use this command:
sudo iptables -A INPUT -p tcp --dport 8080 -j ACCEPT
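Once you have added the rule, dump the active rule set using the command below. iptables-save writes the rules to standard output, so redirect the output to the rules file your distribution restores at boot if the rule should survive a reboot: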
sudo /sbin/iptables-save