The Geek Diary

How to configure IPtables to open Ports in CentOS / RHEL

by admin

Most Linux distributions default to running a host-based firewall, iptables. If you want your hosts to communicate with each other, you have two options: turn off iptables or configure iptables to allow the communication. I prefer to leave iptables turned on and configure access. Keeping iptables enabled adds another layer of defense across the network. This post describes how to open or enable a port in CentOS/RHEL.

Configuring iptables properly is a complicated task, which requires deep knowledge of networking. The example presented here is a simplification.

1. Check the status of the iptables service and start it if it is stopped

# service iptables status
# service iptables start
# chkconfig --list iptables
iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off
# chkconfig iptables on

2. Check the current iptables rules (the output below shows that no iptables rules are currently set).

# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

3. Add a firewall (iptables) rule to allow an incoming TCP port (for example, 22):

# iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT

4. List the iptables rules to verify the newly added rule.

# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh 

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Repeat step 3 to continue adding ports to the Linux firewall (iptables).

Procedure to load rules after every reboot

1. Make sure the iptables rules have been added using the above procedure.

# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh 

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

2. Save the iptables rules to a file. The file name in the command below can be anything.

# iptables-save > /root/iptable_rules

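3. Edit the ‘/etc/rc.local’ file and add the following entry to restore the iptables rules after every reboot. The entry is a line in the file, not a command typed at the root prompt, so it has no leading ‘#’ (which would turn it into a comment).

iptables-restore < /root/iptable_rules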

4. Save and close the file.
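
Before relying on the saved file at boot, it is worth checking what the dump actually decides for the port you opened. The script below is an added example, not part of the original post: the `port_verdict` function and both sample rulesets are constructed for illustration. It reads `iptables-save` output and reports the INPUT policy and the first rule that decides a given TCP port.

```shell
#!/bin/sh
# Added example (not from the original post). Reads an iptables-save dump on
# stdin and reports what decides inbound tcp PORT in the filter table:
#   policy=<INPUT policy> rule=<first deciding rule's target|none> effective=<result>
# Simplifications: only exact --dport values are recognised (no ranges or
# multiport), and -i/-s restrictions on a port rule are ignored.
port_verdict() {
    awk -v port="$1" '
        /^\*/ { table = substr($0, 2); next }       # "*filter" opens a table section
        table != "filter" { next }
        $1 == ":INPUT" { policy = $2; next }        # ":INPUT ACCEPT [0:0]" is the chain policy
        $1 == "-A" && $2 == "INPUT" && rule == "" { # top-down: the first matching rule wins
            proto = dport = target = ""; conditional = 0
            for (i = 3; i <= NF; i++) {
                if ($i ~ /^(-p|-s|-d|-i|-m|!)$/) conditional = 1
                if ($i == "-p")      proto  = $(i + 1)
                if ($i == "--dport") dport  = $(i + 1)
                if ($i == "-j")      target = $(i + 1)
            }
            # A rule decides if it names tcp/PORT, or if it has no match
            # conditions at all (a catch-all such as "-A INPUT -j REJECT").
            if ((proto == "tcp" && dport == port) || !conditional) rule = target
        }
        END {
            if (policy == "") { print "error=no-filter-INPUT-chain"; exit 2 }
            printf "policy=%s rule=%s effective=%s\n", policy,
                   (rule == "" ? "none" : rule), (rule == "" ? policy : rule)
        }'
}

# Constructed sample 1: the dump iptables-save writes after step 3 above.
sample_open() {
    printf '%s\n' '*filter' ':INPUT ACCEPT [0:0]' ':FORWARD ACCEPT [0:0]' \
        ':OUTPUT ACCEPT [0:0]' \
        '-A INPUT -i eth0 -p tcp -m tcp --dport 22 -j ACCEPT' 'COMMIT'
}

# Constructed sample 2: same -A command run on a ruleset that already ends
# in a catch-all REJECT; the appended rule sits below it and never matches.
sample_shadowed() {
    printf '%s\n' '*filter' ':INPUT ACCEPT [0:0]' \
        '-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT' \
        '-A INPUT -j REJECT --reject-with icmp-host-prohibited' \
        '-A INPUT -i eth0 -p tcp -m tcp --dport 22 -j ACCEPT' 'COMMIT'
}

sample_open     | port_verdict 22
sample_open     | port_verdict 80
sample_shadowed | port_verdict 22
```

On a real host, run it against the saved file as `port_verdict 22 < /root/iptable_rules`. With the INPUT policy at ACCEPT, as in the listings above, every port is reachable whether or not a rule names it, so the added rule only changes behaviour once the policy or a catch-all rule blocks traffic.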

Filed Under: CentOS/RHEL 5, Linux, OEL 6

© 2023 · The Geek Diary
