CentOS 6.2 firewall: enabling, disabling, and opening specified ports

  
 

Running /etc/init.d/iptables stop to stop the firewall and then visiting 114.80.*.*:8080 (that is, ip:8080) again succeeded. However, stopping the firewall greatly increases the security risk. /etc/init.d/iptables status shows the firewall information, including the open ports, so the workable approach is to open only the port that is needed. The commands are as follows:

    /sbin/iptables -I INPUT -p tcp --dport 8080 -j ACCEPT   # 8080 is the specified port
    /etc/rc.d/init.d/iptables save                          # save the changes
    /etc/init.d/iptables restart                            # restart the firewall so the changes take effect

If you don't mind the trouble, you can also restart the system (command: reboot). Another way is to add a line directly to /etc/sysconfig/iptables:

    -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT

CentOS firewall summary (can also serve as a reference for other Linux distributions)

View the firewall information:

    /etc/init.d/iptables status

Open a specified port:

    /sbin/iptables -I INPUT -p tcp --dport 8080 -j ACCEPT
    /etc/rc.d/init.d/iptables save

or edit /etc/sysconfig/iptables and add the line below (-I INPUT -p tcp --dport 8080 -j ACCEPT can also be used):

    -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT

Make the changed firewall rules take effect (restarting the system for this is not recommended):

    /etc/init.d/iptables restart

Stop the firewall service:

    /etc/init.d/iptables stop

Permanently disable the firewall (this method comes from the Internet and has not been tested; for security reasons, do not use it):

    chkconfig --level 35 iptables off

----------------

When using a CentOS system, the firewall settings sometimes need to be changed. The CentOS firewall is enabled by default. To open a port in the CentOS firewall, open the iptables configuration file:

    vi /etc/sysconfig/iptables

Note when modifying the CentOS firewall: be sure to leave yourself a way back in by keeping a management port open for VNC and SSH.
Below is an example iptables file with the management ports left open:

    # Firewall configuration written by system-config-securitylevel
    # Manual customization of this file is not recommended.
    *filter
    :INPUT ACCEPT [0:0]
    :FORWARD ACCEPT [0:0]
    :OUTPUT ACCEPT [0:0]
    :RH-Firewall-1-INPUT - [0:0]
    -A INPUT -j RH-Firewall-1-INPUT
    -A FORWARD -j RH-Firewall-1-INPUT
    -A RH-Firewall-1-INPUT -i lo -j ACCEPT
    -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
    -A RH-Firewall-1-INPUT -p 50 -j ACCEPT
    -A RH-Firewall-1-INPUT -p 51 -j ACCEPT
    -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j ACCEPT
    -A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 53 -j ACCEPT
    -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
    -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
    -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
    -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
    -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
    COMMIT

When modifying the CentOS firewall, adapt this file to the situation of your own server. For example, if you don't want to open port 80 to provide web services, delete the corresponding line:

    -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT

After all modifications, restart iptables:

    service iptables restart

You can verify that the rules have taken effect with:

    iptables -L

This completes the CentOS firewall settings modification.
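The sample file ends the RH-Firewall-1-INPUT chain with a catch-all REJECT, so a line added to /etc/sysconfig/iptables only works if it sits above that REJECT. The shell script below is an added example, not part of the original article; the function names (port_allowed, add_port_rule, sample_rules) and the shortened rules file are constructed for illustration. It checks rule order before iptables is restarted.

```shell
CHAIN=RH-Firewall-1-INPUT   # chain name taken from the page's sample file

# port_allowed FILE PORT: exit 0 if a tcp ACCEPT rule for PORT sits before
# the chain's catch-all REJECT/DROP line, which ends matching for new traffic.
port_allowed() {
    awk -v chain="$CHAIN" -v port="$2" '
        $1 == "-A" && $2 == chain {
            if ($3 == "-j" && $4 ~ /^(REJECT|DROP)$/) exit
            if (/-p tcp/ && /-j ACCEPT/)
                for (i = 3; i < NF; i++)
                    if ($i == "--dport" && $(i + 1) == port) { found = 1; exit }
        }
        END { exit !found }' "$1"
}

# add_port_rule FILE PORT: print FILE with an ACCEPT rule for PORT inserted
# directly above the catch-all, so it is evaluated before the REJECT.
add_port_rule() {
    awk -v chain="$CHAIN" -v port="$2" '
        !done && $1 == "-A" && $2 == chain && $3 == "-j" && $4 ~ /^(REJECT|DROP)$/ {
            print "-A " chain " -m state --state NEW -m tcp -p tcp --dport " port " -j ACCEPT"
            done = 1
        }
        { print }' "$1"
}

# Constructed sample: a shortened copy of the page's file in which the 8080
# rule was appended below the REJECT line, where it can never match.
sample_rules() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT
COMMIT
EOF
}

rules=$(mktemp) && sample_rules > "$rules"
for port in 22 8080; do
    port_allowed "$rules" "$port" && echo "$port: allowed" || echo "$port: shadowed or missing"
done
rm -f "$rules"
```

Running port_allowed for port 22 against the edited file before service iptables restart confirms the SSH management port is still reachable, which is the "leave yourself a way back in" advice above.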
