Re: [909linux] IPtables question (was MySQL thread....)

Joel Brauer Thu, 22 Mar 2007 16:12:52 -0700 (PDT)


On Mar 22, 2007, at 3:48 PM, Roger E. Rustad, Jr. wrote:

-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT

Its because -p is to specify protocol. Not sure why the -p 50 and -p 51 lines aren't throwing errors. --dport is to specify destination port. so something like -p tcp --dport 3306 should work

I add the following line

-A RH-Firewall-1-INPUT -p 3306  -j ACCEPT

restarted the service (/etc/init.d/iptables restart) and got the
following error:

***********************************************************
Flushing firewall rules:                                   [  OK  ]
Setting chains to policy ACCEPT: nat filter                [  OK  ]
Unloading iptables modules:                                [  OK  ]
Applying iptables firewall rules: iptables-restore v1.2.11: unknown
protocol `3306' specified
Error occurred at line: 16

Try `iptables-restore -h' or 'iptables-restore --help' for more information.

                                                           [FAILED]
*************************************************************

PGP.sig
Description: This is a digitally signed message part

Re: [909linux] IPtables question (was MySQL thread....)

Reply via email to