How to Open Port 1521 on Linux Server

Firewall on Linux

A firewall monitors and controls incoming and outgoing network traffic based on preconfigured security rules. It is not necessarily an appliance; it can also be a service or subsystem of the operating system.

To open port 1521 for an Oracle database on a Linux server, you first need to know which firewall the server uses. Usually, there are two kinds of firewalls on Linux.

  1. Firewalld

     Usually found on Linux servers of release 7 or later.

  2. IPTables

     Usually found on Linux servers of release 6 or earlier.

If your database is running on a Windows platform, you may check the following post: How to Open Port 1521 on Windows Server.

Firewalld

You may choose to:

  1. Add Port 1521 to Firewalld, or
  2. Completely Disable Firewalld

Add Port 1521 to Firewalld

Here we open port 1521 for the listener.

Check Current Setting of Firewalld

[root@test ~]# firewall-cmd --state
running
[root@test ~]# firewall-cmd --list-all
public (default, active)
  interfaces: eno16777736
  sources:
  services: dhcpv6-client ssh
  ports:
  masquerade: no
  forward-ports:
  icmp-blocks:
  rich rules:

Add Port 1521 to Firewalld Permanently

[root@test ~]# firewall-cmd --permanent --add-port=1521/tcp
success

Reload Firewalld

[root@test ~]# firewall-cmd --reload
success

Verify Result

[root@test ~]# firewall-cmd --list-all
public (default, active)
  interfaces: eno16777736
  sources:
  services: dhcpv6-client ssh
  ports: 1521/tcp 1158/tcp
  masquerade: no
  forward-ports:
  icmp-blocks:
  rich rules:
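
The rule added above accepts 1521/tcp from any source that reaches the zone. As an added example (not part of the original article), the script below classifies `firewall-cmd --list-all` output for the listener port and prints the commands that would replace the open port with a rich rule limited to one client subnet. The subnet 192.0.2.0/24 and the function names are assumptions made for illustration.

```sh
#!/bin/sh
# Added example, not from the original article. 192.0.2.0/24 is a constructed
# client subnet (documentation range); substitute the real application subnet.

# Classify `firewall-cmd --list-all` text on stdin for the listener port.
# A bare "ports:" entry admits every source that reaches the zone.
# Port ranges (e.g. 1500-1600/tcp) are not expanded by this check.
audit_1521() {
  awk '
    $1 == "ports:" { for (i = 2; i <= NF; i++) if ($i == "1521/tcp") open = 1 }
    $1 == "rule" && /source address="/ && /port="1521"/ && /accept/ { scoped = 1 }
    END { print (open ? "open-to-all" : (scoped ? "scoped" : "closed")) }'
}

# Print (do not run) the commands that replace the open port with a rich rule
# limited to one IPv4 CIDR. Returns 1 if the argument is not shaped like a CIDR.
scope_commands() {
  cidr=$1
  case $cidr in ''|*[!0-9./]*) return 1 ;; esac   # digits, dots, slash only
  printf '%s\n' "$cidr" |
    grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$' || return 1
  echo "firewall-cmd --permanent --remove-port=1521/tcp"
  echo "firewall-cmd --permanent --add-rich-rule='rule family=\"ipv4\" source address=\"$cidr\" port port=\"1521\" protocol=\"tcp\" accept'"
  echo "firewall-cmd --reload"
}

sample_before() {   # zone state as shown in "Verify Result" above
  cat <<'EOF'
public (default, active)
  interfaces: eno16777736
  sources:
  services: dhcpv6-client ssh
  ports: 1521/tcp 1158/tcp
  rich rules:
EOF
}

sample_after() {    # constructed: same zone after the scoped rule is applied
  cat <<'EOF'
public (default, active)
  interfaces: eno16777736
  services: dhcpv6-client ssh
  ports: 1158/tcp
  rich rules:
	rule family="ipv4" source address="192.0.2.0/24" port port="1521" protocol="tcp" accept
EOF
}

echo "before: $(sample_before | audit_1521)"   # open-to-all
echo "after:  $(sample_after | audit_1521)"    # scoped
scope_commands 192.0.2.0/24
```

On a live server, pipe the real zone state into the check with `firewall-cmd --list-all | audit_1521` after sourcing the functions.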

Completely Disable Firewalld

In practice, we sometimes rely on external firewalls to block disallowed connections. To turn off Firewalld completely, take the following steps.

Stop Firewalld

[root@test ~]# systemctl stop firewalld

Disable Firewalld

[root@test ~]# systemctl disable firewalld
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.

To complement this strategy, we can also create a blacklist to block specific database connections.

IPTables

You may choose to:

  1. Add Port 1521 to IPTables, or
  2. Completely Disable IPTables

Add Port 1521 to IPTables

As root, open port 1521 in the firewall for remote users.

[root@test ~]# iptables -I INPUT -p tcp -m state --state NEW -m tcp --dport 1521 -j ACCEPT
[root@test ~]# iptables -L -n
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
...
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:1521
...
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Don't forget to save the change.

[root@test ~]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[  OK  ]

Completely Disable IPTables

If you have external firewalls to block disallowed connections, it's unnecessary to use IPTables. To turn off IPTables completely, take the following steps.

Check Current Setting of IPTables

[root@test ~]# chkconfig --list | grep iptables
iptables        0:off   1:off   2:on    3:on    4:on    5:on    6:off

Stop IPTables

[root@test ~]# service iptables stop

Disable IPTables

[root@test ~]# chkconfig iptables off

Verify Result

[root@test ~]# chkconfig --list | grep iptables
iptables        0:off   1:off   2:off   3:off   4:off   5:off   6:off

To learn more about how to persist firewall rules permanently, you may follow the link.
