This is because CentOS by default has some iptables firewall rules in effect. Only the ssh port (22) was accessible and remote shell worked. So it's necessary to open up port 80 for a webserver like nginx to work.

Iptables is the firewall on Linux that can be configured to accept or reject network traffic based on various kinds of packet-level rulesets. So it is necessary to configure this firewall to enable connections on network ports.

There are 2 ways to configure iptables to open up port 80. The first is using the iptables command and the second is by creating a configuration file. First check the existing iptables rules in effect.

~]# iptables -L
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited

As can be seen in the output, there is a REJECT line at the end of the INPUT chain that says reject all. However, the line before it accepts ssh connections, so ssh is working.

A more verbose, numeric listing can be seen using the v and n options along with the L option.

~]# iptables --line-numbers -vnL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)

To accept http connections we need to add a rule at line number 5 and push the REJECT line below it. Rules are checked from top to bottom and the first match wins, so an ACCEPT rule placed after the REJECT line would never be reached.

# iptables -I INPUT 5 -i eth0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT

The above command will add a rule at line #5 stating that the firewall should accept incoming connections on port 80. Now we have the new tcp port 80 rule at line #5, so the http port is accessible from the outer network.
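
As an added example (not part of the original post), the script below reads a numbered chain listing, finds the line of the catch-all REJECT rule instead of assuming it is line 5, and checks whether a port is already accepted above it. The sample listing is constructed, the function names are hypothetical, and the script only prints the insert command rather than running it.

```shell
#!/bin/sh
# Added example, not from the original post.
# Input format: output of `iptables --line-numbers -nL INPUT`.

# Constructed sample listing standing in for real command output.
sample_listing() {
cat <<'EOF'
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
2    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0
3    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
4    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:22
5    REJECT     all  --  0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited
EOF
}

# Print the rule number of the first REJECT/DROP that matches all protocols
# from any source to any destination. Prints nothing if there is none.
first_catch_all() {
    awk '$1 ~ /^[0-9]+$/ && $2 ~ /^(REJECT|DROP)$/ && $3 == "all" \
         && $5 == "0.0.0.0/0" && $6 == "0.0.0.0/0" { print $1; exit }'
}

# Exit 0 if a tcp ACCEPT rule for port $1 appears before the catch-all rule,
# exit 1 otherwise (missing rule, or rule shadowed by the catch-all).
port_reachable() {
    awk -v port="$1" '
        $1 !~ /^[0-9]+$/ { next }   # skip the two header lines
        $2 ~ /^(REJECT|DROP)$/ && $3 == "all" && $5 == "0.0.0.0/0" && $6 == "0.0.0.0/0" { exit }
        $2 == "ACCEPT" && $3 == "tcp" && $0 ~ ("dpt:" port "( |$)") { ok = 1; exit }
        END { exit !ok }
    '
}

# Decide where a port 80 rule has to go for the sample listing.
pos=$(sample_listing | first_catch_all)
if sample_listing | port_reachable 80; then
    echo "port 80 is already accepted above the catch-all rule"
elif [ -n "$pos" ]; then
    echo "iptables -I INPUT $pos -i eth0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT"
else
    echo "no catch-all REJECT/DROP rule found; check the chain policy instead"
fi
```

Without the v option the listing does not show interfaces, so a rule limited to one interface (such as the loopback ACCEPT at line 3 of the sample) looks identical to an unrestricted one; check the verbose listing before trusting the result on a real host.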