[root@pc10 ~]# iptables -A INPUT -p tcp -s 0/0 --dport 5907 -j ACCEPT
[root@pc10 ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT udp -- anywhere anywhere state NEW udp dpt:netbios-ns
ACCEPT udp -- anywhere anywhere state NEW udp dpt:netbios-dgm
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:nfs
ACCEPT udp -- anywhere anywhere state NEW udp dpt:nfs
ACCEPT udp -- anywhere anywhere state NEW udp dpt:openvpn
ACCEPT udp -- anywhere anywhere state NEW udp dpt:netbios-ns
ACCEPT udp -- anywhere anywhere state NEW udp dpt:netbios-dgm
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:netbios-ssn
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:microsoft-ds
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ipp
ACCEPT udp -- anywhere anywhere state NEW udp dpt:ipp
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:5907
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@pc10 ~]# service iptables save
iptables: Guardando las reglas del cortafuegos en /etc/sysc[ OK ]tables:
[root@pc10 ~]# service iptables restart
iptables: Guardando las reglas del cortafuegos: [ OK ]
iptables: Poniendo las cadenas de la polÃtica ACCEPT: filt[ OK ]
iptables: Descargando módulos: [ OK ]
iptables: Aplicando reglas del cortafuegos: [ OK ]
iptables: Cargando módulos adicionales:nf_conntrack_netbio[ OK ]
[root@pc10 ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT udp -- anywhere anywhere state NEW udp dpt:netbios-ns
ACCEPT udp -- anywhere anywhere state NEW udp dpt:netbios-dgm
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:nfs
ACCEPT udp -- anywhere anywhere state NEW udp dpt:nfs
ACCEPT udp -- anywhere anywhere state NEW udp dpt:openvpn
ACCEPT udp -- anywhere anywhere state NEW udp dpt:netbios-ns
ACCEPT udp -- anywhere anywhere state NEW udp dpt:netbios-dgm
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:netbios-ssn
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:microsoft-ds
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ipp
ACCEPT udp -- anywhere anywhere state NEW udp dpt:ipp
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:5907
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@pc10 ~]# service iptables save
iptables: Guardando las reglas del cortafuegos en /etc/sysc[ OK ]tables:
[root@pc10 ~]# service iptables restart
iptables: Guardando las reglas del cortafuegos: [ OK ]
iptables: Poniendo las cadenas de la polÃtica ACCEPT: filt[ OK ]
iptables: Descargando módulos: [ OK ]
iptables: Aplicando reglas del cortafuegos: [ OK ]
iptables: Cargando módulos adicionales:nf_conntrack_netbio[ OK ]
1 comentario:
Para el caso de que nuestra chain INPUT tenga al final una regla de REJECT ALL, hay que Insertar la nueva regla antes del REJECT. A continuación está el ejemplo de Inserción en la chain INPUT luego de la regla número 10:
iptables -A INPUT -p tcp -s 0/0 --dport 5907 -j ACCEPT
Si tienes dudas, comenta aquí.
Publicar un comentario