Page 1 of 1
Unable to open port 30000
Posted: 30 Oct 2015, 01:45
by datona
Has anyone had problems with opening port 30000 to be used with Canada Post's shipping module?
I have the following in my csf.conf file but the port is not opened:
TCP_IN = "20,21,22,25,26,53,80,110,143,443,465,587,993,995,2077,2078,2082,2083,2086,2087,2095,2096,3306,7630,30000"
TCP_OUT = "20,21,22,25,26,37,43,53,80,110,113,143,443,587,873,2086,2087,2089,2703,3306,7630,19638,30000"
TCP6_IN = "20,21,22,25,26,53,80,110,143,443,465,587,993,995,2077,2078,2082,2083,2086,2087,2095,2096,7630,30000"
TCP6_OUT = "20,21,22,25,26,37,43,53,80,110,113,443,587,873,2086,2087,2089,2703,7630,30000"
Re: Unable to open port 30000
Posted: 30 Oct 2015, 09:00
by marcele
Did you restart the firewall with csf -r ? We don't have any issues with Canada post. Also you don't need to add it to UDP only TCP is required.
Check to see if its opened:
# csf --status | grep 30000
Re: Unable to open port 30000
Posted: 30 Oct 2015, 14:08
by datona
Yes, I did restart CSF afterwards.
When I ran that command, this is what I got:
csf --status | grep 30000
38 3 180 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:30000
64 0 0 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:30000
But when I attempt to perform a port check on 30000, I get closed.
Re: Unable to open port 30000
Posted: 30 Oct 2015, 14:59
by datona
I am wondering if there would be a conflict due to passive FTP
Re: Unable to open port 30000
Posted: 31 Oct 2015, 12:45
by marcele
datona wrote:I am wondering if there would be a conflict due to passive FTP
Sorry what is the output for?
# csf --grep 30000
Re: Unable to open port 30000
Posted: 31 Oct 2015, 13:05
by datona
csf --grep 30000
Chain num pkts bytes target prot opt in out source destination
INPUT 38 7 364 ACCEPT tcp -- !lo * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpts:30000:35000
OUTPUT 64 2 120 ACCEPT tcp -- * !lo 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpts:30000:35000
ip6tables:
Chain num pkts bytes target prot opt in out source destination
INPUT 28 0 0 ACCEPT tcp !lo * ::/0 ::/0 state NEW tcp dpts:30000:35000
OUTPUT 52 0 0 ACCEPT tcp * !lo ::/0 ::/0 state NEW tcp dpts:30000:35000
Re: Unable to open port 30000
Posted: 01 Nov 2015, 12:57
by marcele
The ports are open correctly on the firewall. See if you can connect manually using openssl:
# openssl s_client -connect sellonline.canadapost.ca:30000
You should get a CONNECTED(00000003) if it is working correctly.
Re: Unable to open port 30000
Posted: 01 Nov 2015, 15:29
by datona
Yes, when I run that command, I get the following:
# openssl s_client -connect sellonline.canadapost.ca:30000
CONNECTED(00000003)
140116112373576:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:769:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 249 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
---
Re: Unable to open port 30000
Posted: 01 Nov 2015, 18:27
by marcele
Then your issue has nothing to do with the firewall. You wouldn't be able to connect if the port was getting blocked. The firewall is working correctly.