To add a new rule in iptables use the below method:
append the below lines to /etc/sysconfig/iptables and /etc/sysconfig/iptables.save file
# Generated by iptables-save v1.2.11 on Tue Oct 14 18:47:16 2008 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [3541478:1038277365] :RH-Firewall-1-INPUT - [0:0] -A INPUT -i eth1 -p udp -m udp --dport 1194 -m state --state NEW -j ACCEPT -A INPUT -i tap0 -j DROP -A INPUT -j RH-Firewall-1-INPUT -A INPUT -s 172.16.20.0/255.255.255.0 -p udp -m udp --dport 53 -j ACCEPT -A FORWARD -j RH-Firewall-1-INPUT -A RH-Firewall-1-INPUT -i lo -j ACCEPT -A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT -A RH-Firewall-1-INPUT -p ipv6-crypt -j ACCEPT -A RH-Firewall-1-INPUT -p ipv6-auth -j ACCEPT -A RH-Firewall-1-INPUT -d 224.0.0.251 -p udp -m udp --dport 5353 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 8980 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 23 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited COMMIT
Reff. Site: http://www.cyberciti.biz/faq/howto-rhel-linux-open-port-using-iptables/
0 Responses
Stay in touch with the conversation, subscribe to the RSS feed for comments on this post.