Linux Firewall Open specific ports (iptables)

Source: Internet
Author: User

A firewall (iptables) is a system service located at: /etc/init.d/iptables
Firewall configuration is saved in this file: /etc/sysconfig/iptables
The firewall service is started, stopped, restarted, queried, saved and so on with the following commands:
# service iptables start/stop/restart/status/save



service iptables status    view the firewall state

service iptables start    start the firewall

service iptables stop    stop the firewall

service iptables restart    restart the firewall


Opening a specific port in the firewall:

① Edit the file /etc/sysconfig/iptables

② Add:

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT

★ The number 8080 means port 8080 is opened; it can be changed to any other port ★

③ Restart the firewall
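The three steps above, as an added example script (not part of the original post): it validates the port, builds the same rule line the post puts in /etc/sysconfig/iptables, checks with `iptables -C` whether an identical rule already exists before adding it live, and then saves. The chain name RH-Firewall-1-INPUT is taken from the post; everything else (function names, the `--apply`-style behaviour) is this example's own choice.

```shell
#!/bin/sh
# Added example (not from the original post): build, de-duplicate and persist the
# "open port N" rule described above. Assumes the RHEL/CentOS-style chain
# RH-Firewall-1-INPUT from the post and the `service iptables save` command.

CHAIN="${CHAIN:-RH-Firewall-1-INPUT}"

# Return 0 if $1 is an integer in 1..65535, 1 otherwise.
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Print the rule body (everything after "-A <chain>") for a port/protocol pair.
# Matching only NEW connections is what the post's rule does; "-m tcp -p tcp" is kept as written.
rule_spec() {
    port="$1"; proto="${2:-tcp}"
    printf '%s' "-m state --state NEW -m $proto -p $proto --dport $port -j ACCEPT"
}

# Print the full line in the form that belongs in /etc/sysconfig/iptables.
config_line() {
    printf '%s %s\n' "-A $CHAIN" "$(rule_spec "$1" "${2:-tcp}")"
}

# Add the rule to the running firewall, skipping it if an identical rule exists.
# `iptables -C` returns 0 when the rule is present (iptables >= 1.4.11).
# -I (insert at the top) is used live so the rule lands before the chain's final REJECT.
open_port() {
    port="$1"; proto="${2:-tcp}"
    valid_port "$port" || { echo "invalid port: $port" >&2; return 2; }
    set -- $(rule_spec "$port" "$proto")      # split the spec into iptables arguments
    if iptables -C "$CHAIN" "$@" 2>/dev/null; then
        echo "rule for $proto/$port already present"
    else
        iptables -I "$CHAIN" "$@" && echo "opened $proto/$port"
    fi
    service iptables save
}

# Usage: sh open_port.sh 8080 [tcp|udp]
# As root the rule is applied; otherwise only the config-file line is printed.
if [ $# -gt 0 ]; then
    if [ "$(id -u)" -eq 0 ]; then open_port "$@"; else config_line "$@"; fi
fi
```

One caveat worth knowing when editing the file by hand: the stock RH-Firewall-1-INPUT chain ends with a REJECT rule, so the new `-A` line must be placed above that REJECT line in /etc/sysconfig/iptables, or it will never be reached.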


================================================================


Save the firewall settings

service iptables save


View iptables rules with their numbers

iptables -nL --line-numbers


Drop all INPUT, FORWARD (forwarded) and OUTPUT traffic on all ports (sets each chain's default policy)

iptables -P INPUT DROP

iptables -P FORWARD DROP

iptables -P OUTPUT DROP




Open only port 22

iptables -A INPUT -p tcp --dport 22 -j ACCEPT

iptables -A OUTPUT -p tcp --sport 22 -j ACCEPT
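The "default DROP, allow only port 22" setup above, as an added example that is not the post's own command list. The point it shows is ordering: if `iptables -P INPUT DROP` runs before the port-22 ACCEPT rule exists, the SSH session issuing the commands is dropped too. The script prints the commands in a safe order (loopback, established connections, then SSH, and the DROP policies last), checks that order, and only executes them when run as root with `--apply`. Using `-m state --state ESTABLISHED,RELATED` for the return traffic instead of the post's stateless `--sport 22` rule is this example's choice; the SSH_PORT variable and function names are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): apply "default DROP, allow only SSH"
# without locking yourself out. Prints the commands by default; `--apply` runs them.

SSH_PORT="${SSH_PORT:-22}"

# Print the rules in the order they must run. The default-policy changes come LAST:
# `iptables -P INPUT DROP` issued first would drop the SSH session running this script.
lockdown_rules() {
    cat <<EOF
iptables -F
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp --dport $SSH_PORT -m state --state NEW -j ACCEPT
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
EOF
}

# 1-based position of the first command matching pattern $1 in the list, 0 if absent.
rule_position() {
    n=$(lockdown_rules | grep -n -- "$1" | head -n 1 | cut -d: -f1)
    echo "${n:-0}"
}

# Guard used before applying: the SSH ACCEPT must come before the INPUT DROP policy.
ordering_is_safe() {
    accept=$(rule_position "--dport $SSH_PORT")
    drop=$(rule_position "-P INPUT DROP")
    [ "$accept" -gt 0 ] && [ "$accept" -lt "$drop" ]
}

if [ "${1:-}" = "--apply" ]; then
    ordering_is_safe || { echo "refusing: unsafe rule order" >&2; exit 1; }
    lockdown_rules | sh -e && service iptables save
else
    lockdown_rules
fi
```

Because OUTPUT is also set to DROP, anything the server itself initiates (DNS lookups, package updates) needs its own ACCEPT rule in OUTPUT; the ESTABLISHED,RELATED rule only covers replies to connections that were already allowed in.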


Parameter explanation:

-A means append a rule

-p specifies the protocol; we most often use TCP, but there is also UDP, for example DNS on port 53

--dport is the destination port, used when data comes from outside into the server (the server's port is the destination)

--sport is the source port, used when data goes out from the server

-j specifies the target: ACCEPT (accept) or DROP (do not accept)


Block access from one IP

iptables -A INPUT -p tcp -s 192.168.1.2 -j DROP

The -s parameter is the source (here 192.168.1.2)

The DROP at the end is what rejects the traffic.



Delete a rule

iptables -D INPUT 2

Deletes rule number 2 in the INPUT chain
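Deleting by number only works if you read the number from `iptables -nL --line-numbers` first, and the numbers shift after every deletion. The added example below (not from the original post) parses a constructed listing in the format that command prints, finds the DROP rules for a given source IP in INPUT, and returns their numbers highest first so that deleting them in sequence never hits the wrong rule. The column layout (num, target, prot, opt, source, destination) is the standard one for that command; the sample listing, function names and `--unblock` flag are this example's own.

```shell
#!/bin/sh
# Added example (not from the original post): find a rule's number in
# `iptables -nL --line-numbers` output so `iptables -D <chain> <num>` removes the right rule.

# Constructed sample listing standing in for live `iptables -nL --line-numbers` output.
SAMPLE_LISTING='Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22
2    DROP       tcp  --  192.168.1.2          0.0.0.0/0
3    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:8080
4    DROP       tcp  --  192.168.1.2          0.0.0.0/0            tcp dpt:80

Chain FORWARD (policy DROP)
num  target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp spt:22'

# Print the numbers of rules in chain $1 whose target is $2 and source is $3, highest first.
# The listing is read from stdin. Highest-first matters: after `-D INPUT 2`, old rule 4 becomes 3.
rule_numbers() {
    awk -v chain="$1" -v target="$2" -v src="$3" '
        /^Chain / { in_chain = ($2 == chain); next }
        in_chain && $1 ~ /^[0-9]+$/ && $2 == target && $5 == src { print $1 }
    ' | sort -rn
}

# Numbers of the INPUT DROP rules for source $1 in the constructed sample.
sample_drop_rules() {
    printf '%s\n' "$SAMPLE_LISTING" | rule_numbers INPUT DROP "$1"
}

# Delete every INPUT DROP rule for source $1 on a live system, by number, highest first.
unblock_ip() {
    for n in $(iptables -nL INPUT --line-numbers | rule_numbers INPUT DROP "$1"); do
        iptables -D INPUT "$n" && echo "deleted INPUT rule $n ($1)"
    done
}

# Usage: sh unblock.sh --unblock 192.168.1.2   (requires root); otherwise show the sample result.
if [ "${1:-}" = "--unblock" ] && [ -n "${2:-}" ]; then
    unblock_ip "$2"
else
    echo "INPUT DROP rules for 192.168.1.2 in the sample listing:"
    sample_drop_rules 192.168.1.2
fi
```

The alternative that avoids numbers altogether is to repeat the rule's own specification with -D in place of -A, for example `iptables -D INPUT -p tcp -s 192.168.1.2 -j DROP`, which deletes the first rule matching exactly that specification.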


iptables commands that operate on a chain or on a rule as a whole use uppercase letters:
-A (Append) -D (Delete) -X (delete chain) -I (Insert) -R (Replace) -L (List) -F (Flush) -N (New chain) -Z (Zero counters) -P (Policy) -E (rEname chain)
Options that detail a rule use lowercase letters:
-p (protocol) -s (source) -d (destination) -j (jump) -i (in-interface) -o (out-interface) -g (goto) -n (numeric) -t (table) -v (verbose) -x (exact)

List the full firewall rules:


Three tables (table): filter (packet filtering, for the local host), nat (address translation, for hosts behind it), mangle (packet modification, rarely used).
Chains (chain): INPUT, FORWARD, OUTPUT in filter; PREROUTING, POSTROUTING, OUTPUT in nat.
Four common targets (jump): ACCEPT, REJECT, DROP, LOG.
Several connection states (state): NEW, ESTABLISHED, INVALID, RELATED.



This article is from the "--" blog, please be sure to keep this source http://57388.blog.51cto.com/47388/1546181
