Feb 08 2014
 

 

Depending on policy configuration, services may only be allowed to run on certain port numbers. Attempting to change the port a service runs on without changing policy may result in the service failing to start. Run semanage port -l | grep -w http_port_t as the root user to list the ports SELinux allows httpd to listen on:

# semanage port -l | grep -w http_port_t
http_port_t                    tcp      80, 443, 488, 8008, 8009, 8443

By default, SELinux allows httpd to listen on TCP ports 80, 443, 488, 8008, 8009, or 8443. If /etc/httpd/conf/httpd.conf is configured so that httpd listens on any port not listed for http_port_t, httpd fails to start.

To configure httpd to run on a port other than TCP ports 80, 443, 488, 8008, 8009, or 8443:

  1. Edit /etc/httpd/conf/httpd.conf as the root user so the Listen option lists a port that is not configured in SELinux policy for httpd. The following example configures httpd to listen on the 10.0.0.1 IP address, and on port 12345:

     # Change this to Listen on specific IP addresses as shown below to
     # prevent Apache from glomming onto all bound IP addresses (0.0.0.0)
     #
     #Listen 12.34.56.78:80
     Listen 10.0.0.1:12345

  2. Run semanage port -a -t http_port_t -p tcp 12345 as the root user to add the port to SELinux policy configuration.

  3. Run semanage port -l | grep -w http_port_t as the root user to confirm the port is added:

     # semanage port -l | grep -w http_port_t
     http_port_t                    tcp      12345, 80, 443, 488, 8008, 8009, 8443

If you no longer run httpd on port 12345, run semanage port -d -t http_port_t -p tcp 12345 as the root user to remove the port from policy configuration.
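
A pre-flight check for the procedure above, added here as an example and not part of the original post: it compares the Listen ports in an httpd.conf against saved semanage port -l output and prints the semanage port -a command for each port that http_port_t does not cover. The function names and the sample files are assumptions constructed for illustration; the check also handles port ranges, which the listing above does not show.

```shell
#!/usr/bin/env bash
# Added example: find httpd Listen ports that SELinux's http_port_t does not cover.

# stdin: `semanage port -l` output. Prints each tcp entry of http_port_t on its own line.
# The exact match on $1 skips look-alike types such as http_cache_port_t (like grep -w).
allowed_ports() {
    awk '$1 == "http_port_t" && $2 == "tcp" {
        for (i = 3; i <= NF; i++) { gsub(",", "", $i); print $i }
    }'
}

# stdin: httpd.conf text. Prints the port of every active Listen directive.
# Handles "Listen 80", "Listen 10.0.0.1:12345" and "Listen [::]:443"; commented lines are skipped.
listen_ports() {
    awk 'tolower($1) == "listen" { n = split($2, a, ":"); print a[n] }'
}

# $1: httpd.conf path, $2: file with saved `semanage port -l` output.
# Prints the Listen ports that no http_port_t entry (single port or range) covers.
missing_ports() {
    allowed=$(allowed_ports < "$2")
    for port in $(listen_ports < "$1" | sort -un); do
        ok=0
        for entry in $allowed; do
            lo=${entry%-*}; hi=${entry#*-}   # "80" gives lo=hi=80; "8000-8010" gives both bounds
            if [ "$port" -ge "$lo" ] && [ "$port" -le "$hi" ]; then ok=1; fi
        done
        if [ "$ok" -eq 0 ]; then echo "$port"; fi
    done
}

# Constructed sample input (not taken from a real host).
demo_dir=$(mktemp -d)
cat > "$demo_dir/httpd.conf" <<'EOF'
#Listen 12.34.56.78:80
Listen 10.0.0.1:12345
Listen 443
EOF
cat > "$demo_dir/ports.txt" <<'EOF'
http_cache_port_t              tcp      8080, 8118, 8123, 10001-10010
http_port_t                    tcp      80, 443, 488, 8008, 8009, 8443
EOF

# Print the policy change needed for each uncovered port; nothing is changed on the system.
for p in $(missing_ports "$demo_dir/httpd.conf" "$demo_dir/ports.txt"); do
    echo "semanage port -a -t http_port_t -p tcp $p"
done
```

On a real host, save the output of semanage port -l to a file as root and pass that file and /etc/httpd/conf/httpd.conf to missing_ports before restarting httpd.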


Nov 05 2010
 

To enable VPN tunnels between individual host computers or entire networks that have a firewall between them, you must open the following ports:

PPTP
• To allow PPTP tunnel maintenance traffic, open TCP 1723.
• To allow PPTP tunneled data to pass through the router, open Protocol ID 47.

L2TP over IPSec
• To allow Internet Key Exchange (IKE), open UDP 500.
• To allow IPSec Network Address Translation (NAT-T), open UDP 5500.
• To allow L2TP traffic, open UDP 1701.

Jul 06 2010
 

On Linux or Unix Systems you can use sftp like this:

sftp -oPort=1234 username@remote.servername.com

After authenticating, the following commands can be used. Paths that contain spaces should be enclosed in quotes.

Some standard commands and their definitions for command line SFTP include:

?	Get help on the use of SFTP commands.
bye	Close the connection to the remote computer and exit SFTP.
cd	Change the directory on the remote computer.
chgrp	Change the group associated with a computer file (chgrp system foofile).
chmod	Change the permissions of files on the remote computer.
chown	Change the owner of files on the remote computer.
dir	List the files in the current directory on the remote computer.
exit	Close the connection to the remote computer and exit SFTP.
get	Copy a file from the remote computer to the local computer.
help	Get help on the use of SFTP commands.
lcd	Change the directory on the local computer.
lls	See a list of the files in the current directory on the local computer.
lmkdir	Create a directory on the local computer.
ln	Create a symbolic link for a file on the remote computer.
lpwd	Show the current directory (present working directory) on local computer.
ls	Show the current directory on the remote computer.
lumask	Change the local umask value.
mkdir	Create a directory on the remote computer.
progress	Toggle display of progress meter.
put	Copy a file from the local computer to the remote computer.
pwd	Show the current directory (present working directory) on remote computer.
quit	Close the connection to the remote computer and exit SFTP.
rename	Rename a file on the remote host.
rm	Delete files from the remote computer.
rmdir	Remove a directory on the remote host (the directory has to be empty).
symlink	Create a symbolic link for a file on the remote computer.
version	Display the SFTP version.
! 	In Unix, exit to the shell prompt, where you can enter commands. Enter exit
	to get back to SFTP. If you follow  !  with a command (e.g., !pwd), SFTP
	will execute the command without dropping you to the Unix prompt.