Tag Archive: system administration

Feb 20 2007

Unix Firewall Rules

*filter :INPUT ACCEPT :FORWARD ACCEPT :OUTPUT ACCEPT :RH-Firewall-1-INPUT – -A INPUT -j RH-Firewall-1-INPUT -A FORWARD -j RH-Firewall-1-INPUT -A RH-Firewall-1-INPUT -i lo -j ACCEPT -A RH-Firewall-1-INPUT -p icmp –icmp-type any -j ACCEPT -A RH-Firewall-1-INPUT -p 50 -j ACCEPT -A RH-Firewall-1-INPUT -p 51 -j ACCEPT -A RH-Firewall-1-INPUT -p udp –dport 5353 -d 224.0.0.251 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp –dport 631 -j ACCEPT -A RH-Firewall-1-INPUT -m state –state ESTABLISHED,RELATED -j ACCEPT -A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 22 -j ACCEPT -A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 80 -j ACCEPT -A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 8080 -j ACCEPT -A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 8887 -j ACCEPT -A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 3306 -j ACCEPT -A RH-Firewall-1-INPUT -j REJECT –reject-with icmp-host-prohibited COMMIT Once you add the rules in, you need to restart the firewall by doing the following command: # service iptables restart accept, dport, firewall, iptables, linux, mysql, ports, red hat, reject, rules, server, state, system administration, tcp, unix

Permanent link to this article: http://www.armenianeagle.com/2007/02/20/unix-firewall-rules/