Test Firewall Rules with Netcat

Overview

How to use netcat (nc) to test firewall rules by setting up a listener on one side and connecting from the other, verifying that specific ports are open between two hosts.

You can use netcat to listen on any available port and connect to it from a remote client. This lets you confirm that the firewall actually allows the traffic through.

netcat installation

On CentOS you just need to use:

yum install nc -y

Test firewall with netcat

netcat server

Run netcat server on port 12345:

nc -v -l 12345

You should receive a blank line while the listener waits. When a client connects you will see “Connection from 10.0.0.2 port 6666 [tcp/ircu-2] accepted”, and whatever you type on the server will appear on the client.

netcat client

Connect to port 12345 on a remote server 10.0.0.1:

nc 10.0.0.1 12345

You should receive a blank line, and whatever you type on the client will appear on the server.
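
When the client does not connect, the way it fails tells you what the firewall did with the packet. The following is an added example, not part of the original page, that goes one step beyond the manual test: it probes a port and classifies the result. The function names classify_nc_result and check_port are hypothetical, and it assumes a netcat build that supports -z (probe without sending data) and -w (timeout in seconds).

```shell
#!/bin/sh
# Added example: interpret a netcat probe in firewall terms.
# Assumption: this nc supports -z and -w (OpenBSD netcat, newer Ncat).

# classify_nc_result EXIT_STATUS OUTPUT_TEXT
# Prints one of: open, closed, rejected, filtered, unknown.
classify_nc_result() {
    status=$1
    msg=$(printf '%s' "$2" | tr '[:upper:]' '[:lower:]')
    if [ "$status" -eq 0 ]; then
        echo open          # TCP handshake completed: rule allows it
        return
    fi
    case "$msg" in
        # TCP RST came back: nothing is listening on the port, or a
        # REJECT rule answers with a TCP reset.
        *refused*)               echo closed ;;
        # ICMP unreachable/prohibited came back, e.g. an iptables
        # REJECT rule using icmp-host-prohibited.
        *"no route to host"*)    echo rejected ;;
        # No reply before the timeout: typical of a DROP rule
        # (or the host is down).
        *"timed out"*|*timeout*) echo filtered ;;
        *)                       echo unknown ;;
    esac
}

# check_port HOST PORT [TIMEOUT_SECONDS]
# Runs the probe and prints "HOST:PORT RESULT".
check_port() {
    host=$1; port=$2; timeout=${3:-3}
    rc=0
    out=$(nc -z -v -w "$timeout" "$host" "$port" 2>&1) || rc=$?
    printf '%s:%s %s\n' "$host" "$port" "$(classify_nc_result "$rc" "$out")"
}

# Run only when called with arguments, e.g.: ./check.sh 10.0.0.1 12345
if [ "$#" -ge 2 ]; then
    check_port "$@"
fi
```

A "closed" result with the listener from the previous step running points at the firewall rather than the service; "filtered" usually means the packets are being silently dropped.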

netcat man page

Enjoy!