Configure the iptables configuration parameters of the Centos6.x series firewall:
System environment:
[Root @ hk service] # uname-m
X86_64
[Root @ hk service] # cat/etc/redhat-release
CentOS release 6.6 (Final)
[Root @ hk service] # uname-
Linux www.111cn.net 2.6.32-042stab113. 11 #1 SMP Fri Dec 18 17:32:04 MSK 2015 x86_64 x86_64 x86_64 GNU/Linux
Configuration process:
[Root @ hk/] # iptables-a input-p tcp -- dport 22-j ACCEPT # allow access by the ssh administrator
[Root @ hk/] # iptables-a input-p tcp -- dport 80-j ACCEPT # allow http client access
[Root @ hk/] # iptables-a input-s x. x/32-j ACCEPT # run X. Xip to access
[Root @ hk/] # iptables-a input-s 10.0.0.0/24-p all-j ACCEPT # allow Intranet 10.0.0.0 access
[Root @ hk/] # iptables-a input-I lo-j ACCEPT # run the local loopback interface
[Root @ hk/] # iptables-a output-o lo-j ACCEPT # run the local loopback interface
[Root @ hk/] # iptables-p input drop # enter default drop
[Root @ hk/] # iptables-p forward drop # default drop
[Root @ hk/] # iptables-p output accept @ default accept
[Root @ hk/] # iptables-a input-p icmp-m icmp -- icmp-type any-j ACCEPT
[Root @ hk/] # iptables-a input-p icmp -- icmp-type 8-j ACCEPT
[Root @ hk/] # iptables-a input-m state -- state ESTABLISHED, RELATED-j ACCEPT
[Root @ hk/] # iptables-a output-m state -- state ESTABLISHED, RELATED-j ACCEPT
[Root @ hk/] #/etc/init. d/iptables save
Iptables: Saving firewall rules to/etc/sysconfig/iptables: [OK]
[Root @ hk/] # iptables-l input -- line-numbers
[Root @ hk/] # iptables-d input 2