Solved

What is RH-Firewall-1-INPUT for iptables (Linux Centos 5.9)?

Posted on 2014-01-28
7
1,281 Views
Last Modified: 2015-01-05
Hi,

1) I'm wondering what this is:
RH-Firewall-1-INPUT

http://www.cyberciti.biz/faq/linux-open-iptables-firewall-port-22-23/

This is the code. The page says to vim and edit:
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT

Open in new window


How is that different than using something like (example):
iptables -A INPUT -p tcp --dport 9000 -j ACCEPT

at the command line?

2) Also, I have this:

root@ip-184-168-116-73 [/etc/sysconfig]# vim iptables
# Generated by iptables-save v1.3.5 on Mon Jan 27 12:38:23 2014
*mangle
:PREROUTING ACCEPT [162046:22599185]
:INPUT ACCEPT [162046:22599185]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [172917:32155415]
:POSTROUTING ACCEPT [172917:32155415]
COMMIT
# Completed on Mon Jan 27 12:38:23 2014
# Generated by iptables-save v1.3.5 on Mon Jan 27 12:38:23 2014
*filter
:INPUT ACCEPT [162043:22599033]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [172914:32155295]
:acctboth - [0:0]
-A INPUT -j acctboth
-A INPUT -p tcp -m tcp --dport 9000 -j ACCEPT
-A OUTPUT -j acctboth
-A OUTPUT -p tcp -m tcp --sport 9000 -j ACCEPT

Open in new window


Just wondering what does this part mean:
-A INPUT -j acctboth

before:
-A INPUT -p tcp -m tcp --dport 9000 -j ACCEPT

Thanks!
0
Comment
Question by:Victor Kimura
  • 3
  • 2
  • 2
7 Comments
 
LVL 28

Accepted Solution

by:
Jan Springer earned 167 total points
ID: 39815285
It's just the name of the chain.  You can call it anything though, in this example, using INPUT or anything INPUT makes sense.
0
 

Author Comment

by:Victor Kimura
ID: 39815368
@_jesper@, ok, thanks.
So for FORWARD you can just name it so it's kind of like a comment to let you know what the rule is, right?

Also, I'm wondering what does this part mean:
-A INPUT -j acctboth

before:
-A INPUT -p tcp -m tcp --dport 9000 -j ACCEPT

Thanks!
0
 
LVL 28

Expert Comment

by:Jan Springer
ID: 39815374
there should be more to the ruleset that includes 'acctboth'.
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 

Author Comment

by:Victor Kimura
ID: 39815388
when I run cat /etc/sysconfig/iptables
it's in my output.

See my initial post, (2) point or question to see the output
0
 
LVL 61

Assisted Solution

by:gheist
gheist earned 333 total points
ID: 39826296
That is first rule from system-config-firewall, i.e. open port numbers selection screens.
0
 

Author Comment

by:Victor Kimura
ID: 39827919
@gheist, Ok, thanks!

So it's needed like so?

-A INPUT -j acctboth
-A INPUT -p tcp -m tcp --dport 9000 -j ACCEPT

Just wondering if it's omitted, what would happen? I guess I'm not clear about what it means "open port numbers selection screens". Can you expound?

I'm trying to learn the firewall rules. Still very new to me. Thanks!
0
 
LVL 61

Assisted Solution

by:gheist
gheist earned 333 total points
ID: 39828273
Run system-config-firewall-tui and adjust "open ports" adding 9000/tcp
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I am a long time windows user and for me it is normal to have spaces in directory and file names. Changing to Linux I found myself frustrated when I moved my windows data over to my new Linux computer. The problem occurs when at the command line.…
I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:

912 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now