Firewall configuration file
/etc/sysconfig/iptables
Note: rules that open ports must be placed above the REJECT statement that closes everything else, otherwise the opened ports remain closed.
For example:
-A INPUT -p tcp --dport 20 -j ACCEPT
-A INPUT -p tcp --dport 21 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
After the changes, restart the firewall
service iptables restart
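Added example (not part of the original page): a shell function that reads a rules file in iptables-save format, such as /etc/sysconfig/iptables, and reports INPUT rules placed after an unconditional REJECT or DROP, the ordering mistake described above. The function name and the sample rules are constructed for illustration, and only catch-all rules of the form "-A INPUT -j REJECT" or "-A INPUT -j DROP" are recognised.

```shell
#!/bin/sh
# Added example: list INPUT rules that can never match because they follow
# an unconditional REJECT/DROP. Input is iptables-save format, the format
# used by /etc/sysconfig/iptables. find_shadowed_rules is a hypothetical name.

# Usage: find_shadowed_rules [FILE]   (reads stdin when FILE is omitted)
# Prints "line N: RULE" per shadowed rule; returns 1 if any were found.
find_shadowed_rules() {
    awk '
        # A new table (*filter, *nat, ...) starts with fresh chains.
        /^\*/ { blocked = 0 }
        $1 == "-A" && $2 == "INPUT" {
            if (blocked) {
                # Traffic never reaches a rule that follows the catch-all.
                printf "line %d: %s\n", NR, $0
                found = 1
            } else if ($3 == "-j" && ($4 == "REJECT" || $4 == "DROP")) {
                # No match options before -j: this rule ends the chain.
                blocked = 1
            }
        }
        END { exit (found ? 1 : 0) }
    ' "$@"
}

# Constructed sample: port 21 is opened below the REJECT line.
find_shadowed_rules <<'EOF' || echo "move the rules listed above before the REJECT line"
*filter
:INPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp --dport 20 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp --dport 21 -j ACCEPT
COMMIT
EOF
```

The same ordering applies to the running chain: iptables -A appends after an existing REJECT rule, so confirm rule positions with iptables -L INPUT --line-numbers.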
Allow local loopback traffic
iptables -A INPUT -i lo -j ACCEPT
Allow established and related connections (connection state tracking)
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
Open ports 22, 80, 3690 and 3691
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 3690 -j ACCEPT
iptables -A INPUT -p tcp --dport 3691 -j ACCEPT
Open FTP ports 20 and 21
iptables -A INPUT -p tcp --dport 20 -j ACCEPT
iptables -A INPUT -p tcp --dport 21 -j ACCEPT
Check the firewall configuration
iptables -L -n
iptables -L INPUT --line-numbers
Save Configuration
service iptables save
Saved configuration file
/etc/sysconfig/iptables
Allow other hosts to ping the server
iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
Block ping
iptables -A INPUT -p icmp --icmp-type 8 -s 0/0 -j DROP
Start the firewall
/etc/init.d/iptables start
Stop the firewall
/etc/init.d/iptables stop
Restart the firewall
/etc/init.d/iptables restart
Delete a rule
iptables -D INPUT -p icmp --icmp-type echo-request -j ACCEPT
Modify a rule (replaces rule number 3 in the INPUT chain; as written, the new rule accepts all traffic)
iptables -R INPUT 3 -j ACCEPT