To open a port for TCP connections, you have to edit /etc/sysconfig/iptables and append the following line before the COMMIT line:
-A INPUT -m state --state NEW -m tcp -p tcp --dport <PORT> -j ACCEPT
Then restart the iptables service by executing:
service iptables restart
*EDIT*
I created this post before knowing that you could actually use iptables directly as below :P :
# iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport <PORT> -j ACCEPT
You should list your iptables rules first to check whether there's any DROP rule. If your new rule comes after a rule that DROPs any connection on your target port, the port you're trying to open will stay closed. If there's a DROP rule, use -I (insert) instead:
# iptables -I INPUT <rulenum> -m state --state NEW -m tcp -p tcp --dport <PORT> -j ACCEPT
where <rulenum> is the rule index in the chain and <PORT> is your target port.
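The check described above can be scripted. This is an added example, not part of the original post: it reads `iptables -S INPUT` output, finds the first rule that would block new TCP connections to the port, and prints the matching -I or -A command without running it. The function names and the sample ruleset are constructed for illustration; as a generalization, REJECT is treated like DROP, and negated (!) matches are not handled.

```shell
#!/bin/sh
# first_blocking_rule PORT
# stdin: output of `iptables -S INPUT`. Prints the number of the first
# DROP/REJECT rule that can match TCP traffic to PORT; status 1 if none.
first_blocking_rule() {
    awk -v port="$1" '
    $1 != "-A" { next }          # "-P INPUT ..." is the policy, not a numbered rule
    {
        n++
        target = ""; proto = ""; dport = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-j") target = $(i + 1)
            if ($i == "-p") proto = $(i + 1)
            if ($i == "--dport") dport = $(i + 1)
        }
        if (target != "DROP" && target != "REJECT") next
        if (proto != "" && proto != "tcp" && proto != "all") next
        if (dport != "") {       # single port or lo:hi range
            lo = hi = dport
            if (split(dport, r, ":") == 2) { lo = r[1]; hi = r[2] }
            if (port + 0 < lo + 0 || port + 0 > hi + 0) next
        }
        print n; found = 1; exit
    }
    END { exit !found }'
}

# suggest_rule PORT: stdin as above; prints the command to review and run.
suggest_rule() {
    match="-m state --state NEW -m tcp -p tcp --dport $1 -j ACCEPT"
    if num=$(first_blocking_rule "$1"); then
        echo "iptables -I INPUT $num $match"   # insert before the blocking rule
    else
        echo "iptables -A INPUT $match"        # nothing blocks it; append is fine
    fi
}

# Constructed sample of `iptables -S INPUT` output (not from a real host).
sample_rules() {
    cat <<'EOF'
-P INPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p udp -j DROP
-A INPUT -j REJECT --reject-with icmp-host-prohibited
EOF
}

sample_rules | suggest_rule 8080   # live use: iptables -S INPUT | suggest_rule 8080
```

A rule added with the iptables command exists only in the running ruleset; `service iptables restart` reloads /etc/sysconfig/iptables, so the file edit at the top of the post is what persists. A reported rule that also carries a source or interface match may be a deliberate block, so read it before inserting above it.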