Linux configuration firewall, open 80port, 3306port may encounter small problems

??

Vi/etc/sysconfig/iptables

-A input-m state–state new-m tcp-p Tcp–dport 80-j Accept (consent 80 port via firewall)
-A input-m state–state new-m tcp-p Tcp–dport 3306-j Accept (consent 3306 port via firewall)
Special tips:

Very many netizens add these two rules to the last line of the firewall configuration. Cause the firewall to start failing, the correct one should be to add the following to the default 22port rule

After the firewall rules are added, such as the following see:

######################################
# Firewall configuration written by System-config-firewall
# Manual Customization of this file are not recommended.
*filter
: INPUT ACCEPT [0:0]
: FORWARD ACCEPT [0:0]
: OUTPUT ACCEPT [0:0]
-A input-m state–state established,related-j ACCEPT
-A input-p icmp-j ACCEPT
-A input-i lo-j ACCEPT
-A input-m state–state new-m tcp-p tcp–dport 22-j ACCEPT
-A input-m state–state new-m tcp-p tcp–dport 80-j ACCEPT
-A input-m state–state new-m tcp-p tcp–dport 3306-j ACCEPT
-A input-j Reject–reject-with icmp-host-prohibited
-A forward-j Reject–reject-with icmp-host-prohibited
COMMIT
#####################################

/etc/init.d/iptables restart
#最后重新启动防火墙使配置生效

This article is mainly to record a possible problem, because I have encountered the problem, the new added rules to the last line of the configuration file, resulting in MySQL can not be remote access to ask. Take this note.

Original address: http://www.myhack58.com/Article/48/66/2012/34999.htm

Linux configuration firewall, open 80port, 3306port may encounter small problems