โค้ด: เลือกทั้งหมด
nano /etc/sysconfig/iptables
โค้ด: เลือกทั้งหมด
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
....
-A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
โค้ด: เลือกทั้งหมด
iptables -A INPUT -p tcp --dport 443 -j ACCEPT
Save ด้วยคำสั่ง
โค้ด: เลือกทั้งหมด
service iptables save
โค้ด: เลือกทั้งหมด
sudo iptables -L
ควรจะมีประมาณนี้
โค้ด: เลือกทั้งหมด
sudo iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:mysql
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:ftp
ACCEPT tcp -- anywhere anywhere tcp dpt:EtherNet/IP-1
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:https
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:EtherNet/IP-1
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ftp
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:http
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:https
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:mysql
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source destination