Iptables configuration backup iptables configuration is quite troublesome, but you must also learn iptables configuration backup. The following describes how to do this! Firewall settings require * shield all ports * set the default SSH port to 2222 * open ports 2222, 80, and 3306 * set port 3306 to only allow access from IP addresses 202.104.120.22 and 202.104.120.41 * provides temporary access to 3306 (specified IP address) and temporarily close. Iptables specific settings iptables-a input-m state -- state ESTABLISHED, RELATED-j ACCEPT iptables-a input-p tcp -- dport 2222-j ACCEPT iptables-a input-p tcp -- dport 80-j ACCEPT iptables-a input-p tcp -- dport 8080 -j ACCEPT iptables-a output-p tcp -- dport 80-j ACCEPT iptables-a input-p tcp-s 127.0.0.1-j ACCEPT iptables-a input-p tcp-s xxx. xxx. xxx. xxx -- dport 3306-j ACCEPT iptables-A INPUT -P tcp-s 202.104.120.41 -- dport 3306-j ACCEPT iptables-a input-p tcp-s 202.104.120.40 -- dport 3306-j ACCEPT iptables-p input drop iptables-p forward drop iptables- p output drop * must allow port 2222 or port 22 first, then execute the input drop operation, otherwise it will be finished. If you need to remotely manage mysql, use the following command to temporarily open the * Open command iptables-a input-p tcp-s xxx. xxx. xxx. xxx -- dport 3306-j ACCEPT * close command iptables-d input-p tcp-s xxx. xxx. xxx. xxx -- dport 3306-j ACCEPT through the description above, we all know the iptables backup configuration method. Share it with others!