
The Geek Diary

How to configure IPtables to open Ports in CentOS / RHEL

by admin

Most Linux distributions default to running a host-based firewall, iptables. If you want your hosts to communicate with each other, you have two options: turn off iptables or configure iptables to allow communication. I prefer to leave iptables turned on and configure access. Keeping iptables is just another layer of your defense across the network. This post describes how to open or enable a port in CentOS/RHEL using iptables.

Configuring iptables properly is a complicated task, which requires deep knowledge of networking. The example presented here is a simplification.

1. Check the status of the iptables service and start it if it is stopped

# service iptables status
# service iptables start
# chkconfig --list iptables
iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off
# chkconfig iptables on

2. Check the current iptables rules (the output below shows that no iptables rules are currently set).

# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

3. Add a firewall (iptables) rule to allow an incoming TCP port (for example, 22):

# iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT

4. List the iptables rules to verify the newly added rule.

# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh 

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Repeat step 3 to continue adding ports to the Linux firewall (iptables).

Procedure to load rules after every reboot

1. Make sure the iptables rules have been added using the above procedure.

# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh 

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

2. Save the iptables rules to a file. The file name in the command below can be anything.

# iptables-save > /root/iptable_rules

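3. Edit the '/etc/rc.local' file and add the following entry to restore the iptables rules after every reboot. The entry goes into the file as shown, without a leading '#', which would turn it into a comment.

iptables-restore < /root/iptable_rules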

4. Save and close the file.
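
Step 3 appends the rule with -A, so whether it has any effect depends on what is already in the INPUT chain and on the chain policy. The following is an added example, not part of the original post: a small checker that reads iptables-save output (the format of /root/iptable_rules) and reports whether an ACCEPT rule for a TCP port is reachable. The names check_port and ruleset are hypothetical, and the catch-all REJECT line is a constructed sample of a pre-existing rule.

```shell
#!/bin/sh
# check_port PORT: read iptables-save output on stdin, print one of
#   open | shadowed | policy-accept | closed
# Heuristic: looks only at "-p tcp --dport PORT -j ACCEPT" rules in the filter
# INPUT chain; interface/source matches and user-defined chains are ignored.
check_port() {
    awk -v port="$1" '
        /^\*/ { table = $1 }                 # table header: *filter, *nat, ...
        table != "*filter" { next }
        $1 == ":INPUT" { policy = $2 }       # default policy of the chain
        $1 == "-A" && $2 == "INPUT" {
            # A DROP/REJECT with no match criteria stops everything after it.
            if ($3 == "-j" && ($4 == "DROP" || $4 == "REJECT")) { blocked = 1; next }
            tcp = 0; dport = ""; target = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-p" && $(i + 1) == "tcp") tcp = 1
                if ($i == "--dport") dport = $(i + 1)
                if ($i == "-j") target = $(i + 1)
            }
            if (result == "" && tcp && dport == port && target == "ACCEPT")
                result = blocked ? "shadowed" : "open"
        }
        END {
            if (result == "")
                result = (policy == "ACCEPT" && !blocked) ? "policy-accept" : "closed"
            print result
        }'
}

# Constructed sample input: wrap rule lines in a minimal *filter table.
ruleset() {
    printf '%s\n' '*filter' ':INPUT ACCEPT [0:0]' "$@" 'COMMIT'
}
PAGE_RULE='-A INPUT -i eth0 -p tcp -m tcp --dport 22 -j ACCEPT'   # step 3, as saved
CATCH_ALL='-A INPUT -j REJECT --reject-with icmp-host-prohibited'  # assumed existing rule

ruleset "$PAGE_RULE" | check_port 22                # open
ruleset "$PAGE_RULE" | check_port 80                # policy-accept: allowed with no rule
ruleset "$CATCH_ALL" "$PAGE_RULE" | check_port 22   # shadowed: appended after REJECT
```

On a real host, run `check_port 22 < /root/iptable_rules` against the file saved in step 2. A "shadowed" result means the rule has to be inserted above the catch-all (iptables -I) rather than appended, and "policy-accept" means the port is reachable only because the chain policy accepts everything.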

Filed Under: CentOS/RHEL 5, Linux, OEL 6
