Opening Ports with iptables

iptables is a common Linux software firewall. However, for many new Linux users who are unfamiliar with the command line (or Google!), some simple tasks, such as opening a port on the firewall so that a web-facing service is reachable by everyone, can be daunting.

However, it’s actually quite simple. Just issue the following command:

iptables -I INPUT -p tcp --dport PORT -j ACCEPT

Where PORT is the port number you wish to open, e.g. 80. Note that there is a double dash before dport.

The syntax of this command is quite simple. -I INPUT indicates you are inserting a rule into the INPUT chain, -p tcp indicates that the protocol is TCP, --dport PORT indicates the destination port and -j ACCEPT indicates the action to be taken on matching the rule – in this case to accept traffic. Note that the command requires superuser privileges to execute.

Don’t forget that this will be in vain if iptables isn’t actually running. Under CentOS, you can start the iptables service by issuing the command service iptables start. You’ll also need to save the iptables rules if you want them to persist across a reboot; under CentOS you can issue the command /sbin/service iptables save to achieve this.
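
Running the -I command twice inserts the same rule twice, and whatever is typed for PORT goes straight onto a root command line. The script below is an added example, not part of the original post: it validates the port, checks for an existing identical rule, and only then inserts and saves. The function names are hypothetical, and it assumes iptables 1.4.11 or later for the -C (check) option.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes root and iptables >= 1.4.11 (for -C).

# valid_port PORT: succeed only for a decimal integer in 1..65535.
# Leading zeros and any non-digit are rejected, so nothing but a plain
# port number can ever reach the iptables command line.
valid_port() {
    case "$1" in
        ''|0*|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -le 65535 ]
}

# rule_spec PORT: print the post's rule without the leading action flag.
rule_spec() {
    valid_port "$1" || { echo "invalid port: $1" >&2; return 1; }
    printf 'INPUT -p tcp --dport %s -j ACCEPT\n' "$1"
}

# open_port PORT: insert the rule unless an identical one already exists.
open_port() {
    spec=$(rule_spec "$1") || return 1
    # $spec is left unquoted on purpose: it is validated and must split into words.
    if iptables -C $spec 2>/dev/null; then
        echo "port $1 already open, nothing to do"
    else
        iptables -I $spec && echo "port $1 opened"
    fi
}

# When run with a port argument: open it, then persist (CentOS command from the post).
if [ "$#" -gt 0 ]; then
    open_port "$1" && /sbin/service iptables save
fi
```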
