CentOS iptables: allow access only on ports 22 and 80
Run the netstat -tnl command to check which ports are open on the current server.
netstat -tnl
View firewall settings
iptables -L -n
Open ports 22 and 80
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A OUTPUT -p tcp --sport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp --sport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
Deny access to all other ports by setting the default policy of each chain to DROP
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
Allow local loopback interface (that is, allow local access to the local machine)
iptables -A INPUT -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT
Allow established or related connections (such as database connections)
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
Allow all outbound access from this host
iptables -A OUTPUT -j ACCEPT
Save the configuration:
service iptables save
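
To confirm that the resulting rule set exposes only ports 22 and 80, the following added example (not part of the original page) audits the output of iptables -S. The function name, the ALLOWED_PORTS variable and the embedded sample rules are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the original page: audit `iptables -S` output
# against the goal of this walkthrough (INPUT policy DROP, only 22 and 80 open).
ALLOWED_PORTS="22 80"   # assumption: the two ports this page opens

# Reads `iptables -S` text on stdin; prints findings and returns 1 if any.
# Handles single --dport matches only (no multiport lists or port ranges).
audit_input_rules() {
    awk -v allowed="$ALLOWED_PORTS" '
    BEGIN { bad = 0; n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    $1 == "-P" && $2 == "INPUT" { policy = $3 }
    $1 == "-A" && $2 == "INPUT" && $NF == "ACCEPT" {
        port = ""; scoped = 0
        for (i = 3; i < NF; i++) {
            if ($i == "--dport") port = $(i + 1)
            # a source, interface or connection-state match narrows the rule
            if ($i == "-s" || $i == "-i" || $i == "--state" || $i == "--ctstate") scoped = 1
        }
        if (port != "" && !(port in ok)) { print "UNEXPECTED PORT: " $0; bad = 1 }
        if (port == "" && !scoped)       { print "UNSCOPED ACCEPT: " $0; bad = 1 }
    }
    END {
        if (policy != "DROP") { print "INPUT policy is not DROP"; bad = 1 }
        exit bad
    }'
}

# Constructed sample: what `iptables -S` prints after the steps on this page.
sample_rules() {
    cat <<'EOF'
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT DROP
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
-A INPUT -s 127.0.0.1/32 -d 127.0.0.1/32 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -p tcp -m tcp --sport 22 -j ACCEPT
-A OUTPUT -p tcp -m tcp --sport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -j ACCEPT
EOF
}

# On a live host (as root): iptables -S | audit_input_rules
sample_rules | audit_input_rules && echo "ruleset matches the intended policy"
```

A non-zero exit status means the INPUT chain accepts something beyond the intended two ports, or the default policy is no longer DROP.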