Hi Voytek,
You may prefer to manually write iptables; however, I use a nice front
end called guarddog.
Ben
Voytek Eymont wrote:
I've set up CentOS 4.4 with default firewall setup, to allow http/smtp/ssh/ftp;
I didn't see any option to add additional exceptions in install screens;
I'd like to allow MySQL/3306 access
looking at /etc/sysconfig/iptables, the tail of file has like:
---------
....
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
----------
can I just add like, after 'dport 25' line;
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
the first line of this file reads:
# Manual customization of this file is not recommended.
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
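
Rules in a chain are evaluated top to bottom, so the position asked about above (after the 'dport 25' line, ahead of the final REJECT) is what lets the new rule take effect. The following check is an added example, not part of the original messages; the function names `port_status` and `sample_rules` and the sample ruleset are constructed for illustration, modelled on the excerpt quoted above.

```shell
#!/bin/sh
# Report whether an ACCEPT rule for a TCP port can ever match in a chain of an
# iptables rules file (the format of /etc/sysconfig/iptables).
# Prints: open | shadowed | absent. Single ports only, no port ranges.

port_status() {  # usage: port_status RULES_FILE CHAIN PORT
    awk -v chain="$2" -v port="$3" '
        $1 != "-A" || $2 != chain { next }
        {
            dport = ""; target = ""
            for (i = 3; i < NF; i++) {
                if ($i == "--dport") dport = $(i + 1)
                if ($i == "-j")      target = $(i + 1)
            }
        }
        # No match options before -j: every packet reaching this rule stops here.
        $3 == "-j" && (target == "REJECT" || target == "DROP") { closed = 1; next }
        dport == port && target == "ACCEPT" && result == "" {
            result = closed ? "shadowed" : "open"
        }
        END { print (result == "" ? "absent" : result) }
    ' "$1"
}

# Constructed sample ruleset. $1 = before|after: where the 3306 rule is placed
# relative to the catch-all REJECT line.
sample_rules() {
    new='-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT'
    printf '%s\n' '*filter' ':RH-Firewall-1-INPUT - [0:0]'
    printf '%s\n' '-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT'
    if [ "$1" = before ]; then printf '%s\n' "$new"; fi
    printf '%s\n' '-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited'
    if [ "$1" = after ]; then printf '%s\n' "$new"; fi
    printf '%s\n' 'COMMIT'
}

for where in before after; do
    tmp=$(mktemp)
    sample_rules "$where" > "$tmp"
    echo "3306 rule $where REJECT: $(port_status "$tmp" RH-Firewall-1-INPUT 3306)"
    rm -f "$tmp"
done
```

A result of `shadowed` means the rule is present in the file but sits below the catch-all REJECT, so connections to that port are still refused.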