Results 1 to 4 of 4

Thread: Centos iptables closing port

  1. 7th July 2010, 06:05 AM #1
    chinalinix
    chinalinix is offline
    Senior Member
    Join Date
    Jul 2009
    Posts
    130
    Thanks
    67
    Thanked 3 Times in 2 Posts
    Rep Power
    4

    Thumbs up Centos iptables closing port

    I know how to open port using iptables but how i can close tcp and udp port say port number 3306 so one can enter or hack into it from internet.

    Thank you.
    English not my first language. If not understood my question ask me.
    Reply With Quote Reply With Quote
  3. 7th July 2010, 12:37 PM #2
    sem007
    sem007 is offline
    Member
    Join Date
    Dec 2009
    Posts
    45
    Thanks
    3
    Thanked 8 Times in 8 Posts
    Rep Power
    0

    Default

    Hi,

    If your default action is DROP or REJECT in iptables then you need to open required port. and if you default action is ACCEPT then you need to close particular port.

    exa.
    reject ssh connection from specific IP
    iptables -t filter -A INPUT -s 192.168.0.1 -p tcp --dport 22 -j REJECT

    HTH
    Reply With Quote Reply With Quote

  4. The Following User Says Thank You to sem007 For This Useful Post:

    wuwen1023 (9th July 2010)
  5. 9th July 2010, 07:08 AM #3
    wuwen1023
    wuwen1023 is offline
    Junior Member
    Join Date
    Jul 2009
    Posts
    5
    Thanks
    2
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Default

    /sbin/iptables -A INPUT -s IP -p tcp --dport 3306 -j ACCEPT
    The IP is you trust host
    Reply With Quote Reply With Quote
  6. 9th July 2010, 09:41 PM #4
    nixcraft
    nixcraft is offline
    Never say die nixcraft's Avatar
    Join Date
    Jan 2005
    Location
    BIOS
    Posts
    4,374
    Thanks
    17
    Thanked 754 Times in 496 Posts
    Rep Power
    10

    Default

    After closing port, make sure you save rules:
    Code:
    service iptables save
    So if you close port 22 for eth1 public interface and only allowed eth0 vpn, it will look as follows:
    Code:
    # allow eth0 for vpn / lan session connected via eth0
/sbin/iptables -A INPUT -i eth0 -s 0/0  -p tcp --dport 22 -j ACCEPT
# close port 22 for everyone at eth1
/sbin/iptables -A INPUT -i eth1 -s 0/0  -p tcp --dport 22 -j DROP
# save the firewall rules
/sbin/service iptables save
    Just in case if you need more info try our CentOS / RHEL firewall tutorial:

    Last edited by nixcraft; 9th July 2010 at 10:02 PM.
    All [Solved] threads are closed by mods / admin to avoid spam issues. See Howto mark a thread as [Solved]

    Reply With Quote Reply With Quote
« Adding username to sshd | Remote manage centos Linux »

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. KVM Virsh: Redirect CentOS / Redhat Console To A Serial Port
    By jerry in forum Kernel-based Virtual Machine
    Replies: 5
    Last Post: 17th March 2011, 10:22 PM
  2. Open Port in IPTABLES
    By jayank008 in forum Networking, Firewalls and Security
    Replies: 2
    Last Post: 30th January 2010, 01:37 PM
  3. Dns,ftp and iptables in centos..?
    By VijayChaitanya in forum CentOS / RHEL / Fedora
    Replies: 1
    Last Post: 2nd December 2009, 08:43 AM
  4. [Solved] ipTables rule to block a port for all internal IP Addresses except one
    By pranaysharmadelhi in forum Networking, Firewalls and Security
    Replies: 2
    Last Post: 14th July 2009, 09:49 PM
  5. Blocking port in iptables
    By asim.mcp in forum Linux software
    Replies: 3
    Last Post: 17th July 2006, 10:00 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules


1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41