Vi/etc/sysconfig/iptables
-A input-m state–state new-m tcp-p tcp–dport 80-j ACCEPT (allow 80 ports through the firewall)
-A input-m state–state new-m tcp-p tcp–dport 3306-j ACCEPT (Allow 3306 ports through the firewall)
Special Tips:Many netizens add these two rules to the last line of the firewall configuration, causing the firewall to fail to start, the correct one should be added to the default port 22 below the rule
After adding the firewall rules as follows:
######################################
# Firewall configuration written by System-config-firewall
# Manual Customization of this file are not recommended.
*filter
: INPUT ACCEPT [0:0]
: FORWARD ACCEPT [0:0]
: OUTPUT ACCEPT [0:0]
-A input-m state–state established,related-j ACCEPT
-A input-p icmp-j ACCEPT
-A input-i lo-j ACCEPT
-A input-m state–state new-m tcp-p tcp–dport 22-j ACCEPT
-A input-m state–state new-m tcp-p tcp–dport 80-j ACCEPT
-A input-m state–state new-m tcp-p tcp–dport 3306-j ACCEPT
-A input-j Reject–reject-with icmp-host-prohibited
-A forward-j Reject–reject-with icmp-host-prohibited
COMMIT
#####################################
/etc/init.d/iptables Restart #最后重启防火墙使配置生效
Linux configuration firewall, open 80 port, 3306 port