Users Guide
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW --dport 443 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
4. After modifying the firewall configuration to accept the port numbers, restart the iptables service
with the service iptables restart command so that the changes take effect, and then check the status
with the service iptables status command.
# service iptables restart
iptables: Flushing firewall rules: [ OK ]
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Unloading modules: [ OK ]
iptables: Applying firewall rules: [ OK ]
# service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
Table 3. Status Output
num  target  prot  opt  source     destination
1    ACCEPT  all   --   0.0.0.0/0  0.0.0.0/0    state RELATED,ESTABLISHED
2    ACCEPT  icmp  --   0.0.0.0/0  0.0.0.0/0
3    ACCEPT  all   --   0.0.0.0/0  0.0.0.0/0
4    ACCEPT  tcp   --   0.0.0.0/0  0.0.0.0/0    state NEW tcp dpt:80
5    ACCEPT  tcp   --   0.0.0.0/0  0.0.0.0/0    state NEW tcp dpt:443
6    ACCEPT  tcp   --   0.0.0.0/0  0.0.0.0/0    state NEW tcp dpt:22
7    REJECT  all   --   0.0.0.0/0  0.0.0.0/0    reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
RPM Installation
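The check below is an added example, not part of the guide. It reads a rules file in the format shown above and confirms that each required TCP port has an ACCEPT rule in the INPUT chain ahead of the catch-all REJECT rule, since iptables stops at the first matching rule. The function name check_ports and port 8443 in the sample are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the guide): verify rule order in an iptables rules file.
# check_ports FILE PORT...  prints one line per port; returns 1 if any port is
# missing or is only accepted after the first unconditional REJECT/DROP rule.
check_ports() {
    rules_file=$1; shift
    awk -v ports="$*" '
        BEGIN { n = split(ports, want, " ") }
        /^-A INPUT / {
            rule++                                   # same numbering as "service iptables status"
            if ($0 ~ /^-A INPUT -j (REJECT|DROP)( |$)/ && !blocked_at) blocked_at = rule
            if ($0 ~ / -j ACCEPT( |$)/ && $0 ~ /-p tcp / && match($0, /--dport [0-9]+/)) {
                port = substr($0, RSTART + 8, RLENGTH - 8)
                if (!(port in first_accept)) first_accept[port] = rule
            }
        }
        END {
            for (i = 1; i <= n; i++) {
                p = want[i]
                if (!(p in first_accept)) {
                    print p ": no ACCEPT rule"; bad = 1
                } else if (blocked_at && first_accept[p] > blocked_at) {
                    print p ": ACCEPT rule " first_accept[p] " is after catch-all rule " blocked_at; bad = 1
                } else {
                    print p ": ok (rule " first_accept[p] ")"
                }
            }
            exit bad
        }' "$rules_file"
}

# Constructed sample: the rules from the guide, plus a hypothetical port 8443
# rule appended after the REJECT line, where it can never match.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW --dport 443 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp -m state --state NEW --dport 8443 -j ACCEPT
COMMIT
EOF
check_ports "$sample" 80 443 22 8443 || echo "fix the rule order before restarting iptables"
```

Run it against the edited rules file before service iptables restart; the rule numbers it reports match the num column of the status output.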