Solved

What is RH-Firewall-1-INPUT for iptables (Linux Centos 5.9)?

Posted on 2014-01-28
Last Modified: 2015-01-05
Hi,

1) I'm wondering what this is:
RH-Firewall-1-INPUT

http://www.cyberciti.biz/faq/linux-open-iptables-firewall-port-22-23/

This is the code. The page says to vim and edit:
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT


How is that different than using something like (example):
iptables -A INPUT -p tcp --dport 9000 -j ACCEPT

at the command line?

2) Also, I have this:

root@ip-184-168-116-73 [/etc/sysconfig]# vim iptables
# Generated by iptables-save v1.3.5 on Mon Jan 27 12:38:23 2014
*mangle
:PREROUTING ACCEPT [162046:22599185]
:INPUT ACCEPT [162046:22599185]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [172917:32155415]
:POSTROUTING ACCEPT [172917:32155415]
COMMIT
# Completed on Mon Jan 27 12:38:23 2014
# Generated by iptables-save v1.3.5 on Mon Jan 27 12:38:23 2014
*filter
:INPUT ACCEPT [162043:22599033]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [172914:32155295]
:acctboth - [0:0]
-A INPUT -j acctboth
-A INPUT -p tcp -m tcp --dport 9000 -j ACCEPT
-A OUTPUT -j acctboth
-A OUTPUT -p tcp -m tcp --sport 9000 -j ACCEPT


Just wondering what does this part mean:
-A INPUT -j acctboth

before:
-A INPUT -p tcp -m tcp --dport 9000 -j ACCEPT

Thanks!
0
Question by:Victor Kimura
7 Comments
 
LVL 29

Accepted Solution

by:
Jan Springer earned 668 total points
ID: 39815285
It's just the name of the chain. You can call it anything though; in this example, using INPUT or anything INPUT makes sense.
0
 

Author Comment

by:Victor Kimura
ID: 39815368
@_jesper@, ok, thanks.
So for FORWARD you can just name it so it's kind of like a comment to let you know what the rule is, right?

Also, I'm wondering what does this part mean:
-A INPUT -j acctboth

before:
-A INPUT -p tcp -m tcp --dport 9000 -j ACCEPT

Thanks!
0
 
LVL 29

Expert Comment

by:Jan Springer
ID: 39815374
There should be more to the ruleset that includes 'acctboth'.
0
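An added example, not posted by anyone in this thread: a small parser for the iptables-save format shown in the question. It lists each user-defined chain (declared with policy `-`), the chains that jump to it, and how many rules it holds. The sample is constructed from the question's filter table plus an assumed RH-Firewall-1-INPUT chain holding the port 22 rule; the function names `parse_save` and `user_chains` are this example's own.

```python
import shlex

# Constructed sample: the filter table pasted in the question, plus an
# RH-Firewall-1-INPUT chain (assumed layout) holding the port-22 rule, and COMMIT.
SAMPLE = """\
*filter
:INPUT ACCEPT [162043:22599033]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [172914:32155295]
:acctboth - [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j acctboth
-A INPUT -j RH-Firewall-1-INPUT
-A INPUT -p tcp -m tcp --dport 9000 -j ACCEPT
-A OUTPUT -j acctboth
-A OUTPUT -p tcp -m tcp --sport 9000 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
COMMIT
"""

def parse_save(text):
    """Parse iptables-save text into {table: {chain: {policy, rules, callers}}}."""
    tables, chains = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("*"):                      # table header, e.g. *filter
            chains = tables.setdefault(line[1:], {})
        elif line.startswith(":"):                    # chain declaration
            name, policy = line[1:].split()[:2]       # policy "-" = user-defined
            chains[name] = {"policy": policy, "rules": [], "callers": []}
        elif line.startswith("-A "):                  # rule appended to a chain
            tokens = shlex.split(line)
            chains[tokens[1]]["rules"].append(line)
            for flag, target in zip(tokens, tokens[1:]):
                # a -j/-g target that is a declared chain is a jump, not a verdict
                if flag in ("-j", "--jump", "-g", "--goto") and target in chains:
                    if tokens[1] not in chains[target]["callers"]:
                        chains[target]["callers"].append(tokens[1])
    return tables

def user_chains(tables):
    """Return (table, chain, callers, rule_count) for every user-defined chain."""
    return [(t, name, c["callers"], len(c["rules"]))
            for t, chains in tables.items()
            for name, c in chains.items() if c["policy"] == "-"]

if __name__ == "__main__":
    for table, name, callers, count in user_chains(parse_save(SAMPLE)):
        state = "no rules in this dump" if count == 0 else f"{count} rule(s)"
        print(f"{table}/{name}: jumped to from {callers or 'nowhere'}; {state}")
```

A `-j` to a chain with no rules changes nothing for filtering: the packet returns to the calling chain and is evaluated against the next rule, so the port 9000 rule after `-A INPUT -j acctboth` is still reached.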

Author Comment

by:Victor Kimura
ID: 39815388
When I run cat /etc/sysconfig/iptables
it's in my output.

See my initial post, (2) point or question, to see the output.
0
 
LVL 62

Assisted Solution

by:gheist
gheist earned 1332 total points
ID: 39826296
That is the first rule from system-config-firewall, i.e. the open port numbers selection screens.
0
 

Author Comment

by:Victor Kimura
ID: 39827919
@gheist, Ok, thanks!

So it's needed like so?

-A INPUT -j acctboth
-A INPUT -p tcp -m tcp --dport 9000 -j ACCEPT

Just wondering if it's omitted, what would happen? I guess I'm not clear about what it means "open port numbers selection screens". Can you expound?

I'm trying to learn the firewall rules. Still very new to me. Thanks!
0
 
LVL 62

Assisted Solution

by:gheist
gheist earned 1332 total points
ID: 39828273
Run system-config-firewall-tui and adjust "open ports" adding 9000/tcp
0
