Set iptables firewall whitelist in Linux (RHEL 6 and CentOS 7)
At the Linux command line, open the iptables firewall rule configuration file for editing:
vi /etc/sysconfig/iptables
The following is an example of whitelist settings:
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-N whitelist
-A whitelist -s 10.202.106.1 -j ACCEPT
-A whitelist -s 10.202.106.2 -j ACCEPT
-A whitelist -s 10.202.106.3 -j ACCEPT
-A whitelist -s 10.202.106.4 -j ACCEPT
-A whitelist -s 10.202.106.5 -j ACCEPT
-A whitelist -s 10.202.106.6 -j ACCEPT
-A whitelist -s 10.202.106.7 -j ACCEPT
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.20 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 4750 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j whitelist
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
In this file, the whitelist settings are as follows:
-N whitelist
-A whitelist -s 10.202.106.1 -j ACCEPT
-A whitelist -s 10.202.106.2 -j ACCEPT
-A whitelist -s 10.202.106.3 -j ACCEPT
-A whitelist -s 10.202.106.4 -j ACCEPT
-A whitelist -s 10.202.106.5 -j ACCEPT
-A whitelist -s 10.202.106.6 -j ACCEPT
-A whitelist -s 10.202.106.7 -j ACCEPT
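Use the -j parameter to send new connections to port 3306 through the whitelist chain. A source address that matches no rule in the whitelist chain returns to RH-Firewall-1-INPUT and is rejected by the final REJECT rule:
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j whitelist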
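As an added example (not part of the original article), the shell functions below audit a rules file laid out like the one above: they report which target a port jumps to and which source addresses the whitelist chain accepts. The function names and the embedded sample rules are constructed for illustration.

```shell
# Added example: audit a rules file for the whitelist pattern described above.
# sample_rules is a constructed, shortened file in the article's layout.
sample_rules() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-N whitelist
-A whitelist -s 10.202.106.1 -j ACCEPT
-A whitelist -s 10.202.106.2 -j ACCEPT
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j whitelist
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# Print the -j target of every rule that matches --dport PORT (rules on stdin).
port_targets() {
    awk -v port="$1" '
        /^-A / {
            dport = ""; target = ""
            for (i = 1; i < NF; i++) {
                if ($i == "--dport") dport = $(i + 1)
                if ($i == "-j")      target = $(i + 1)
            }
            if (dport == port && target != "") print target
        }'
}

# Print each source CHAIN accepts; an ACCEPT with no -s means any source.
chain_sources() {
    awk -v chain="$1" '
        $1 == "-A" && $2 == chain {
            src = ""; target = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-s") src = $(i + 1)
                if ($i == "-j") target = $(i + 1)
            }
            if (target == "ACCEPT") print (src == "" ? "0.0.0.0/0" : src)
        }'
}

# Succeed only if every rule for PORT jumps to CHAIN (no direct ACCEPT).
port_is_whitelisted() {
    [ "$(port_targets "$1" | sort -u)" = "$2" ]
}
sample_rules | port_is_whitelisted 3306 whitelist && sample_rules | chain_sources whitelist
```

To audit the real file, feed it on standard input, for example `port_is_whitelisted 3306 whitelist < /etc/sysconfig/iptables`.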