I configure iptables rarely, so having to look up the syntax every time is tedious. The commands look cumbersome, but they follow patterns that are easy to remember.
First, run iptables --help to get an overview of the command parameters.
Add entry rules:
iptables -A [chainname] -p [tcp] --dport [8081] -j ACCEPT
Here chainname is usually INPUT or OUTPUT; the existing chains can be viewed with iptables -L. For an entry rule, use INPUT, and set --dport to the port being accessed.
Add an exit rule:
iptables -A OUTPUT -p tcp --sport 8081 -j ACCEPT
This is similar to the entry rule, except that the chain after -A becomes OUTPUT and the port is written with --sport.
After editing, save the rules: /sbin/service iptables save
Delete:
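iptables -L --line-numbers
lists the current rules with their numbers.
iptables -D [chainname] [rulenum]
deletes rule number rulenum from the given chain (rule numbers are counted per chain).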
Others:
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
Allow the loopback interface first to avoid unnecessary trouble.
iptables -A INPUT -i eth+ -p icmp --icmp-type 8 -j ACCEPT
iptables -A OUTPUT -o eth+ -p icmp --icmp-type 0 -j ACCEPT
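These rules enable ping on all network cards (eth+ matches every interface whose name starts with eth; ICMP type 8 is echo request, type 0 is echo reply), for easy maintenance and detection.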
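As an added example (not part of the original post), the following shell function audits `iptables -S` output for the entry/exit pairing described above: it lists TCP ports that have an INPUT --dport ACCEPT rule without a matching OUTPUT --sport ACCEPT rule, or the reverse. The function names and the sample rule set are constructed for illustration, and only single-port rules are handled (no multiport matches or port ranges).

```shell
#!/bin/sh
# Added example: check that every entry rule has a matching exit rule.
# On a real host (as root): iptables -S | unpaired_ports

# Reads rule specifications in `iptables -S` format on stdin and prints
# "<port> INPUT-only" or "<port> OUTPUT-only" for each unpaired TCP port.
unpaired_ports() {
    awk '
        # Only appended TCP rules that end in ACCEPT are relevant.
        $1 == "-A" && /-p tcp/ && /-j ACCEPT/ {
            for (i = 1; i < NF; i++) {
                if ($2 == "INPUT"  && $i == "--dport") in_ports[$(i + 1)] = 1
                if ($2 == "OUTPUT" && $i == "--sport") out_ports[$(i + 1)] = 1
            }
        }
        END {
            for (p in in_ports)  if (!(p in out_ports)) print p " INPUT-only"
            for (p in out_ports) if (!(p in in_ports))  print p " OUTPUT-only"
        }
    ' | sort -n
}

# Constructed sample: port 8081 is paired, port 8443 has no exit rule.
# The DROP policies are an assumption; with an ACCEPT policy on OUTPUT
# the missing exit rule would not block replies.
sample_rules() {
    cat <<'EOF'
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8081 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8443 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -p tcp -m tcp --sport 8081 -j ACCEPT
EOF
}

sample_rules | unpaired_ports
```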
Some other configurations:
http://blog.chinaunix.net/uid-9950859-id-98279.html
iptables configuration brief