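# Save as /etc/sysconfig/iptables, then run: /etc/init.d/iptables restart   (or: start)
# Firewall configuration written by redhat-config-securitylevel
#
# Format: iptables-save / iptables-restore. Options must be separated by
# spaces, and chain names are case-sensitive. The listing this was taken from
# had lost its spaces and letter case; both are restored here.
#
# NOTE: the values "xxx.xxx.xxx.xxx" and "port1" below are placeholders.
# iptables-restore will reject the file until they are replaced with a real
# source address and port number (or the rules using them are removed).
#
# When applying over SSH, keep a second session or console access open until
# the new rule set is confirmed, because the INPUT policy is DROP.
*filter
# Default policies. INPUT drops anything not explicitly accepted. Both INPUT
# and FORWARD jump to RH-Firewall-1-INPUT, which ends in a REJECT, so the
# policies only act as a fallback.
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# User-defined chain that holds the actual rule set ("-" = no policy).
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
# Loopback traffic is always allowed.
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
# All ICMP types are allowed (ping, unreachable/fragmentation-needed, ...).
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
# Drop TCP segments with SYN and FIN both set; that combination is invalid.
-A RH-Firewall-1-INPUT -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j DROP
# Replies to, and traffic related to, connections that are already tracked.
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# SSH on 22 and on the alternate port 2222, from any source.
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 2222 -j ACCEPT
# HTTP and HTTPS.
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
# MySQL (3306) is accepted from ANY source here. If only known application
# hosts need the database, add "-s <app-server-address>" to this rule, as the
# source-restricted rules further down do.
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
# Additional TCP services on 8081 and 8088, from any source.
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 8081 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 8088 -j ACCEPT
# DNS over TCP and UDP; only needed if this host runs a DNS server.
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 53 -j ACCEPT
# Trusted host: every protocol and port is accepted from this source.
# Replace the placeholder with the real address.
-A RH-Firewall-1-INPUT -s xxx.xxx.xxx.xxx -j ACCEPT
# Source-restricted TCP ports. In the original listing the first rule had
# "-s" with no address after it; the placeholder below stands in for the
# missing value and must be filled in. "port1" in the second rule is a
# placeholder for a port number.
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp -s xxx.xxx.xxx.xxx --dport 6666 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp -s xxx.xxx.xxx.xxx --dport port1 -j ACCEPT
# Everything else is rejected with an ICMP host-prohibited error, so senders
# get an immediate refusal instead of a silent drop.
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT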
#
This article is from the "Wosec" blog; please contact the author before reproducing it.
CentOS iptables Settings