Linux Firewall Configuration: Open Ports 80 and 3306

vi /etc/sysconfig/iptables

-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT (allow port 80 through the firewall)
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT (allow port 3306 through the firewall)
Special Note: Many users add these two rules as the last lines of the firewall configuration, which causes the firewall to fail to start. The correct place is directly below the default port 22 rule.
After the rules are added, the firewall configuration looks like this:

######################################
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
#####################################

/etc/init.d/iptables restart
# Finally, restart the firewall so that the configuration takes effect
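
A pre-restart check for the placement mistake described in the Special Note, as an added example that is not part of the original page. It goes slightly beyond the note: it flags any rule that follows a chain's catch-all REJECT or DROP (such a rule is never evaluated, because the first matching rule wins) and any rule placed after COMMIT. The names check_rule_order and sample_bad are hypothetical, and the sample ruleset is constructed.

```shell
#!/bin/sh
# check_rule_order: reads an iptables-save style ruleset on stdin, prints one
# line per misplaced rule, and returns 1 if any were found (0 otherwise).
check_rule_order() {
    awk '
        /^#/ || NF == 0 { next }                 # comments and blank lines
        /^\*/     { committed = 0; split("", closed); next }   # new table
        /^COMMIT/ { committed = 1; next }
        /^-A / {
            chain = $2
            if (committed) {
                printf "line %d: rule after COMMIT: %s\n", NR, $0; bad = 1
            } else if (chain in closed) {
                printf "line %d: unreachable, catch-all on line %d: %s\n",
                       NR, closed[chain], $0; bad = 1
            }
            # Catch-all: no match criteria, just -A CHAIN -j REJECT|DROP
            if ($3 == "-j" && ($4 == "REJECT" || $4 == "DROP"))
                closed[chain] = NR
        }
        END { exit bad + 0 }
    '
}

# Constructed sample: the two new rules appended below the catch-all REJECT.
sample_bad() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
COMMIT
EOF
}

# Demo: prints two "unreachable" findings for the sample above.
sample_bad | check_rule_order || true
```

On a real host, run it as check_rule_order < /etc/sysconfig/iptables before restarting the service. iptables-restore --test < /etc/sysconfig/iptables additionally parses the file for syntax errors without committing it.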
