Example of opening port 80 in the firewall in Linux

2020-06-15 11:01:01
OfStack

linux if the common port is not added when the firewall is installed, that is, it cannot be accessed, then how to increase the common port to the firewall through state, let's take port 80 as an example.

Recently I have been studying Linux myself. Set up an LNMP environment. All cuts were good in the test. Then restart Linux. Revisiting the site will not open. The final reason is that there is no rule for port 80 in the firewall. The specific methods are as follows:

It is necessary to configure the iptables firewall under CentOS. Come and learn how to configure it! , other version 1:

1. Open the iptables configuration file:

The following code


vi /etc/sysconfig/iptables

Through/etc/init d/iptables status
The command queries whether port 80 is open. If not, it can be handled in two ways:
1. Modify the vi /etc/sysconfig/iptables command to add a firewall to open port 80

The following code


-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT

2. Close/open/restart the firewall

The following code


/etc/init.d/iptables stop 
#start  open  
#restart  restart

After adding the firewall rules are as follows:

The following code


# Firewall configuration written by system-config-firewall 
# Manual customization of this file is not recommended. 
*filter 
:INPUT ACCEPT [0:0] 
:FORWARD ACCEPT [0:0] 
:OUTPUT ACCEPT [0:0] 
-A INPUT -m state  � state ESTABLISHED,RELATED -j ACCEPT 
-A INPUT -p icmp -j ACCEPT 
-A INPUT -i lo -j ACCEPT 
-A INPUT -m state  � state NEW -m tcp -p tcp  � dport 22 -j ACCEPT 
-A INPUT -m state  � state NEW -m tcp -p tcp  � dport 80 -j ACCEPT 
-A INPUT -m state  � state NEW -m tcp -p tcp  � dport 3306 -j ACCEPT 
-A INPUT -j REJECT  � reject-with icmp-host-prohibited 
-A FORWARD -j REJECT  � reject-with icmp-host-prohibited 
COMMIT
/etc/init.d/iptables restart

Plus, some friends like to do this

The following code


vi /etc/sysconfig/iptables
-A INPUT -m state  � state NEW -m tcp -p tcp  � dport 80 -j ACCEPT (allowing 80 Port through firewall)  
-A INPUT -m state  � state NEW -m tcp -p tcp  � dport 3306 -j ACCEPT (allowing 3306 Port through firewall)

The test followed this method, and when the firewall was restarted, the two lines of error were reported.


[root@localhost ~]# /etc/init.d/iptables restart 
iptables : Clear firewall rules:                  [ determine ]
iptables : Sets the chain to policy  ACCEPT : filter          [ determine ]
iptables : Uninstalling module:                   [ determine ]
iptables : Apply firewall rules: Bad argument ` � -state'
Error occurred at line: 11
Try `iptables-restore -h' or 'iptables-restore --help' for more information.
                              [ failure ]

Finding this not working well, I tried another way of adding ports by command.

The following code


[root@centos httpd]# /sbin/iptables -I INPUT -p tcp --dport 80 -j ACCEPT
[root@centos httpd]# /etc/rc.d/init.d/iptables save
[root@centos httpd]# /etc/init.d/iptables restart

That's it. Check it out

The following code


[root@centos httpd]# /etc/init.d/iptables status

conclusion

That's all for this article's example of opening port 80 in a firewall in Linux, and I hope you found it helpful. Interested friends can continue to refer to this site: Linux enterprise operation and maintenance personnel commonly used 150 commands to share, talk about Linux library files, etc. If you have any questions, please feel free to leave a message, this site will reply you in time.