I need to open TCP port 25 on my Raspberry Pi 3. I watched videos on the internet re. iptables, nothing has worked. If you have a solution, using iptables or another method, that would be great.
If you want to know, I'm building an SMTP mail server and I have errors like "connection timed out" (with postfix) when I try to send a mail, (that's why I think port 25 is the problem, because it's closed)
You likely don't have issues with iptables, unless you installed and configured it as it is not running on a default Raspbian install. Also the default install will normally open and listen on the required ports. However, if you intend on running a mail server you should install and configure a firewall first, as your server will be a prime target for spammers etc. Properly securing a mail server involves considerably more than a firewall though.
As for port 25 It may be blocked by your ISP. I would suggest you implement SSL for your ingoing and outgoing mail which means that you will no longer be using port 25. The default configuration file should have automatically opened the port and be listening.
However, to answer your question you can see if the port is open and what process is listening with the following command:
sudo netstat -lptu
Additionally you can test your basic configuration using telnet as described in this post.
Depending on why you want an email server you may be better off just setting it up to forward all nonlocal mail through your Gmail account. I have not used it recently but this script makes that exceptionally easy.
For me:
sudo ufw allow 9999
works, where 9999 is the port number i want to open.
Debugging:
In case ufw is not installed:
sudo apt-get install ufw
In case ufw is not running (check with sudo ufw status):
sudo ufw enable
Question already answered?
i asked on meta: Should i place a second answer if question title vs answer differ?.
Working with iptables and its command line interface is pretty complicate.
To open or close ports I simply use sudo firewall-config. This program is a GUI for iptables and quite easy to configure:
You can open a port either by knowing the corresponding name (http, ssh, samba, smtp, ...) or by entering the port number itself. It's only a few clicks and the port is opened or closed.
To make the change permanent (after reboot) you click inside this program on `Options/Runtime to permanent`. That's it.
If you just want to test if the firewall is your problem you can simply disable the complete firewall suing
sudo /sbin/iptables --flush.
The firewall will stay disabled immediately until the next system restart.