How to Open Port in Linux: Simple Step-by-Step Guide

Opening ports in Linux and using Linux networking tools to list and validate open ports are critical responsibilities for network communication management. A port number in computer networking is a virtual concept that assigns a network identify to a certain service or application.

In this article, we will look at the process of opening ports and show how to utilize several Linux networking tools to check and test the opened port in Linux.

The first 1024 ports (from 0 to 1023) are known as well-known port numbers, because they are reserved for the most regularly used services. SSH (port 22), HTTP (port 80), and HTTPS (port 443) are examples. Port numbers greater than 1024 are referred to be ephemeral ports.

  • Registered/user ports range from 1024 to 49151.
  • The dynamic/private ports are those numbered 49152 to 65535.

Prerequisites

  • Access to the system (sudo or root access).

Initial Setup

Start by updating the server packages to the latest versions available.

On your Linux system, launch a terminal or command line interface.

sudo apt update

List out All Available Ports

How to Install netstat?

The “sudo” command executes the following command with administrative rights, allowing you to make system-level changes.

Then the Most common Linux distributions provide the netstat command as part of the net-tools package. The commands you listed for installing netstat on the various distributions are correct.

See also  Framer AI Website Builder: Build Websites Instantly

Here is a installation guide for installing net-tools in all major distros:

For Fedora/CentOS/RHEL 8:

sudo dnf install net-tools

For CentOS/RHEL 7:

sudo yum install net-tools

For Debian/Ubuntu:

sudo apt install net-tools

For Arch:

sudo pacman -S netstat-nat

For OpenSuse:

sudo zypper install net-tools

TCP and UDP Protocols

The netstat program can be used to list all Open Port in Linux, including both TCP and UDP protocols. Here’s how you can utilize it:

Execute the below command:

netstat -lntu

Let’s have a look at the command’s options:

  • -l: Only displays listening sockets/ports.
  • -n: Displays the port numbers rather than resolving them to service names.
  • -t: Displays a list of TCP ports.
  • -u: Displays a list of UDP ports.

When you run the command netstat -lntu, you’ll get something like this:

cloudbooklet@ubuntu:~$ netstat -lntu Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN tcp6 0 0 :::22 :::* LISTEN udp 0 0 127.0.0.1:323 0.0.0.0:* udp 0 0 127.0.0.53:53 0.0.0.0:* udp 0 0 10.128.0.11:68 0.0.0.0:* udp6 0 0 ::1:323 :::* cloudbooklet@ubuntu:~$

Note: If your distribution does not include netstat, you can display open ports by looking for listening sockets with the ss command.

On Linux, use the ss command to check consistent outputs and list listening sockets with an open port. The ss command, which replaces the earlier netstat command, gives more detailed and up-to-date statistics. Here’s how you can put it to use:

On your Linux system, launch a terminal or command line interface.

ss -lntu

The -ltn options are used to filter and display specific information:

  • -l: Only displays listening sockets/ports.
  • -t: Displays a list of TCP ports.
  • -n: Shows port numbers rather than resolving them to service names.
See also  Midjourney Panning: A New Way to Discover Details in Your Images

The ss command will then provide a list of open listening sockets with their corresponding local addresses and port numbers. Here’s the output will be:

cloudbooklet@ubuntu:~$ ss -lntu Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Process udp UNCONN 0 0 127.0.0.1:323 0.0.0.0:* udp UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:* udp UNCONN 0 0 10.128.0.11%ens4:68 0.0.0.0:* udp UNCONN 0 0 [::1]:323 [::]:* tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* tcp LISTEN 0 511 0.0.0.0:80 0.0.0.0:* tcp LISTEN 0 511 0.0.0.0:443 0.0.0.0:* tcp LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:* tcp LISTEN 0 128 [::]:22 [::]:* cloudbooklet@ubuntu:~$

Ports 22 (SSH) and 80 (HTTP) are both open and actively listening in this example.

Check Active Connections

You can use the netstat command to check for any active connections or listening sockets on port 4000 to ensure that it is not currently in use. Here’s how to go about it:

On your Linux system, launch a terminal or command line interface.

netstat -na | grep :4000

Alternatively, use the ss command:

ss -na | grep :4000

If no output or results are provided, this indicates that port 4000 is not currently in use and is available for opening.

For Ubuntu and Debian based systems

If you don’t have UFW installed you can install it using the below command.

sudo apt install ufw

Check more details about using UFW here

Your commands will look somewhat like this:

sudo ufw allow 4000

For CentOS and firewall-based systems

Use firewall-cmd, the command line client for the firewalled daemon.

Your commands will look somewhat like this:

firewall-cmd -add-port=4000/tcp

Linux distributions without using UFW or a firewall

Investigate the legacy iptables approach for configuring IP packet filtering that is utilized by some Linux systems. Learn how to install and use iptables to create strong firewall rules for improved system security and network traffic control.

See also  How to Dub a Video with DubVerse AI App for Free (Ultimate Guide)

Change the system IPv4 packet filter rules with iptables.

iptables -A INPUT -p tcp -dport 4000 -j ACCEPT

Refer to How to Install Iptables for Your Distribution for further information.

Testing Open Ports for TCP Connections

You can use the nmap command to test a specific port by specifying the port number as well as the destination IP address or hostname. You can use the following command:

To install nmap command following command should be used

sudo apt-get install nmap nmap localhost -p 4000

Use Netcat Utility For Testing purposes

To test an Open Port in Linux with the netcat utility (commonly abbreviated as nc), do the following:

To listen on the specified port (e.g., port 4000) and show any received data, open a terminal window and run the following command:

echo “Testing port 4000” | nc -l -p 4000

Keep the command running while you open another terminal window.

In that terminal window, type telnet to connect to the local socket.

telnet localhost 4000

This command connects to the local host (localhost) on port 4000.

You can type a message in the terminal window where you ran telnet if the port is open and the connection is successful.

Also read: You might also find useful our guide on How to Upgrade Linux Kernel in Ubuntu

Conclusion

Finally, there are numerous ways to Open Port in Linux. The best method for you will be determined by your distribution and firewall settings. However, the typical procedure is to display all open ports, check to see if the port you require is already open, and then open the port with the proper command. After you’ve opened the port, you can test it to ensure it’s operational.

Please feel free to share your thoughts and feedback in the comment section below.