Troubleshoot issues where CentOS local access to external hosts cannot be accessed

But the firewall rules in CentOS are quite tight.

The content can be seen with Curl http://localhost:10000, but externally inaccessible because the firewall does not have port 10000 open and 10000 ports need to be added to the trust rule

Join method: Enter the/etc/sysconfig/directory

Input command: iptables-i input-p TCP--dport 10000-j ACCEPT

OK, you can access the

=================

Command for single IP: iptables-i input-s 124.115.0.199-j DROP

Command for IP segment: iptables-i input-s 124.115.0.0/16-j DROP

command to seal the whole segment: iptables-i input-s 194.42.0.0/8-j DROP

Order of several paragraphs: iptables-i input-s 61.37.80.0/24-j DROP

80 ports only: Iptables-i input-p tcp–dport 80-s 124.115.0.0/24-j DROP

Unpacking: Iptables-f

Empty: iptables-d INPUT number

List all the rules for the input chain: iptables-l input--line-numbers

Delete a rule where 5 represents the ordinal (ordinal can be viewed by the command above): iptables-d INPUT 5

Open specified port: iptables-a input-p TCP--dport 80-j ACCEPT

Prohibit specified port: iptables-a input-p TCP--dport 80-j DROP

Deny all ports: Iptables-a input-j DROP

The above is for the input chain operation, that is, the outside to access the direction of the machine, after the configuration needs to be saved, or iptables Restart after the above settings are invalid

Service Iptables Save

Iptables the corresponding configuration file/etc/sysconfig/iptables

Note: The rule matching order of iptables is top to bottom, that is, if there is a conflict between the upper and lower rules, the above rule will prevail.

Troubleshoot issues where CentOS local access to external hosts cannot be accessed