Victor Kimura
asked on
What is RH-Firewall-1-INPUT for iptables (Linux Centos 5.9)?
Hi,
1) I'm wondering what this is:
RH-Firewall-1-INPUT
http://www.cyberciti.biz/faq/linux-open-iptables-firewall-port-22-23/
This is the code. The page says to vim and edit:
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
How is that different than using something like (example):
iptables -A INPUT -p tcp --dport 9000 -j ACCEPT
at the command line?
2) Also, I have this:
root@ip-184-168-116-73 [/etc/sysconfig]# vim iptables
# Generated by iptables-save v1.3.5 on Mon Jan 27 12:38:23 2014
*mangle
:PREROUTING ACCEPT [162046:22599185]
:INPUT ACCEPT [162046:22599185]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [172917:32155415]
:POSTROUTING ACCEPT [172917:32155415]
COMMIT
# Completed on Mon Jan 27 12:38:23 2014
# Generated by iptables-save v1.3.5 on Mon Jan 27 12:38:23 2014
*filter
:INPUT ACCEPT [162043:22599033]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [172914:32155295]
:acctboth - [0:0]
-A INPUT -j acctboth
-A INPUT -p tcp -m tcp --dport 9000 -j ACCEPT
-A OUTPUT -j acctboth
-A OUTPUT -p tcp -m tcp --sport 9000 -j ACCEPT
Just wondering what does this part mean:
-A INPUT -j acctboth
before:
-A INPUT -p tcp -m tcp --dport 9000 -j ACCEPT
Thanks!
ASKER CERTIFIED SOLUTION
This solution is only available to members.
There should be more to the ruleset that includes 'acctboth'.
ASKER
When I run cat /etc/sysconfig/iptables
it's in my output.
See my initial post, (2) point or question to see the output
SOLUTION
This solution is only available to members.
ASKER
@gheist, Ok, thanks!
So it's needed like so?
-A INPUT -j acctboth
-A INPUT -p tcp -m tcp --dport 9000 -j ACCEPT
Just wondering if it's omitted, what would happen? I guess I'm not clear about what it means "open port numbers selection screens". Can you expound?
I'm trying to learn the firewall rules. Still very new to me. Thanks!
SOLUTION
This solution is only available to members.
ASKER
So for FORWARD you can just name it so it's kind of like a comment to let you know what the rule is, right?
Also, I'm wondering what does this part mean:
-A INPUT -j acctboth
before:
-A INPUT -p tcp -m tcp --dport 9000 -j ACCEPT
Thanks!
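An added example, not part of any post in this thread: a small parser for iptables-save text that reports what each `-j` into a user-defined chain does, run over the *filter table as posted in the question. The function names are hypothetical; the only assumptions are the iptables-save conventions that `:NAME -` declares a user-defined chain and `-A CHAIN ...` appends a rule to it.

```python
import re

# Constructed sample: the *filter table exactly as posted in the question
# (the posted dump ends before any COMMIT line).
SAMPLE = """\
*filter
:INPUT ACCEPT [162043:22599033]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [172914:32155295]
:acctboth - [0:0]
-A INPUT -j acctboth
-A INPUT -p tcp -m tcp --dport 9000 -j ACCEPT
-A OUTPUT -j acctboth
-A OUTPUT -p tcp -m tcp --sport 9000 -j ACCEPT
"""

def target_of(rule):
    """Return the -j target of a rule's argument string, or None if it has none."""
    m = re.search(r"(?:^|\s)-j (\S+)", rule)
    return m.group(1) if m else None

def parse_table(text):
    """Return (policies, rules): chain -> policy ('-' = user-defined), chain -> [rule args]."""
    policies, rules = {}, {}
    for line in map(str.strip, text.splitlines()):
        if line.startswith(":"):            # ":CHAIN POLICY [pkts:bytes]"
            name, policy = line[1:].split()[:2]
            policies[name] = policy
            rules.setdefault(name, [])
        elif line.startswith("-A "):        # "-A CHAIN <matches> -j TARGET"
            chain, _, rest = line[3:].partition(" ")
            rules.setdefault(chain, []).append(rest)
    return policies, rules

def explain(text):
    """List (chain, rule position, action, effect) for jumps and no-op ACCEPT rules."""
    policies, rules = parse_table(text)
    notes = []
    for chain, chain_rules in rules.items():
        for pos, rule in enumerate(chain_rules, 1):
            target = target_of(rule)
            if policies.get(target) == "-":  # jump into a user-defined chain
                n = len(rules[target])
                effect = f"{n} rule(s) evaluated" if n else "empty chain: packet returns to next rule"
                notes.append((chain, pos, f"jump to {target}", effect))
            elif target == "ACCEPT" and policies.get(chain) == "ACCEPT" and all(
                    target_of(r) in ("ACCEPT", None) for r in chain_rules[pos:]):
                notes.append((chain, pos, "ACCEPT", "same verdict as chain policy ACCEPT"))
    return notes

print(*explain(SAMPLE), sep="\n")
```

For the posted dump this reports that `-A INPUT -j acctboth` sends every packet through a chain with no rules shown, so the packet comes straight back to the port 9000 rule, and that rule gives the same verdict the ACCEPT policy would give anyway.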