
iptables firewall

RHEL / CentOS Linux Disable Firewall

How do I disable the firewall on a CentOS or Red Hat Enterprise Linux server version 5.x/6.x running on my HP micro server?

Samba: Linux Iptables Firewall Configuration

How do I configure the iptables firewall under CentOS / Fedora / RHEL / Redhat Linux to allow access to the Samba server? How do I open TCP ports # 137, 138, 139 and 445 under Linux so that all Microsoft Windows machines can access files and printers on a Linux host?

Configure Linux As Bastion Host

What is a bastion host? How do I configure a bastion host under Linux? How do I create a firewall for a bastion host under any Linux distribution?

The portmapper assigns each NFS service to a port dynamically at service startup time. How do I allow legitimate NFS clients to access the NFS server using the RHEL / Fedora / CentOS Linux 5.x iptables firewall?

Q. Can you explain the meaning of the following two firewall rules present in my /etc/sysconfig/iptables rules under CentOS Enterprise Linux version 5.2?

-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT

Q. I run both RHEL and CentOS Linux servers, and by default the firewall blocks everything, including telnet / ssh access. How do I allow telnet (port 23) and ssh (port 22) through the Linux iptables firewall?

A. By default, firewall rules are stored in the /etc/sysconfig/iptables file under CentOS / RHEL. All you have to do is modify this file to add rules that open port 22 or 23.

Login as the root user.

Open the /etc/sysconfig/iptables file, enter:
# vi /etc/sysconfig/iptables
Find the line that reads as follows:
COMMIT
To open port 22 (ssh), enter (before the COMMIT line):

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT

To open port 23 (telnet), enter (before the COMMIT line):

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 23 -j ACCEPT

Save and close the file. Restart the firewall:
# /etc/init.d/iptables restart

Block IP addresses of spammers with iptables under Linux

Q. How do I block the IP addresses of spammers with an iptables-based firewall under CentOS Linux 5?

A. You can block the IP addresses of spammers by editing the /etc/sysconfig/iptables file under:

a) CentOS Linux
b) Fedora Linux
c) RHEL 4.x/5.x etc

Open the file /etc/sysconfig/iptables:
# vi /etc/sysconfig/iptables
Append the IP addresses of spammers as follows:
-A RH-Firewall-1-INPUT -s SPAMMER-IP -j DROP
-A RH-Firewall-1-INPUT -s SPAMMER-SUBNET-BLOCK -j DROP

Save and close the file, then restart the firewall:
# /etc/init.d/iptables restart

You can also create a small shell script to block lots of IP addresses at a time.
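
The kind of script that sentence describes, as an added example (not code from the original article): it validates each blocklist entry and writes the DROP rules ahead of the chain's first rule, because a DROP that sits after a matching ACCEPT or after a final REJECT is never reached. The function names, the blocklist format and the sample addresses are assumptions made for this example.

```shell
CHAIN="RH-Firewall-1-INPUT"   # chain name used in the rules on this page

# valid_ipv4 ADDR[/PREFIX]: succeed only for a well-formed IPv4 address or CIDR block.
valid_ipv4() {
    printf '%s\n' "$1" | awk -F'[./]' '
        !/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+(\/[0-9]+)?$/ { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i > 255) exit 1
          if (NF == 5 && $5 > 32) exit 1 }'
}

# block_ips RULES_FILE LIST_FILE: print a new rules file with one DROP rule per valid
# entry, placed before the first "-A $CHAIN" rule (assumes the chain already has one).
block_ips() {
    rules=$1; list=$2
    drops=$(mktemp) || return 1
    while IFS= read -r ip || [ -n "$ip" ]; do
        case $ip in ''|'#'*) continue ;; esac          # skip blanks and comments
        if valid_ipv4 "$ip"; then
            rule="-A $CHAIN -s $ip -j DROP"
            grep -qxF -- "$rule" "$rules" || printf '%s\n' "$rule" >> "$drops"
        else
            echo "skipping invalid entry: $ip" >&2     # never becomes rule text
        fi
    done < "$list"
    awk -v chain="$CHAIN" -v drops="$drops" '
        !placed && index($0, "-A " chain " ") == 1 {
            while ((getline line < drops) > 0) print line
            placed = 1
        }
        { print }' "$rules"
    rm -f "$drops"
}

# demo: run block_ips on constructed sample input (RFC 5737 documentation addresses).
demo() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/iptables" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
    printf '%s\n' '# constructed list' 192.0.2.10 198.51.100.0/24 300.1.1.1 > "$dir/blocklist"
    block_ips "$dir/iptables" "$dir/blocklist"
    rm -rf "$dir"
}
demo
```

Review the generated file before installing it as /etc/sysconfig/iptables and restarting the firewall as shown above.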