[CentOS] Inquiry:iptables ?

Mon Nov 2 14:36:46 UTC 2009
Rob Kampen <rkampen at kampensonline.com>

ken wrote:
> On 10/31/2009 04:10 AM Tony Molloy wrote:
>   
>> On Saturday 31 October 2009 07:48:05 hadi motamedi wrote:
>>     
>>> Dear All
>>> To open a port , I know that I need to go to "System -> Administration ->
>>> Security Level and Firewall" -> Other ports and then I can open port-5901
>>> as tcp protocol . Can you please do me favor and let me know how it can be
>>> done from the command line (if my CentOS is text-mode installed) ? (perhaps
>>> via iptables?)
>>> Let me thank you in advance
>>>       
>> Edit /etc/sysconfig/iptables
>>
>> Restart iptables with service iptables restart
>>
>> Tony
>>     
>
> My /etc/sysconfig/iptables states at the top that editing of it is not
> recommended.  Yeah, I don't always follow such recommendations myself,
> but is there perhaps another way more in keeping with the sense of the
> application?
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>   
Yeah, editing directly can be risky, nothing worse than making a change 
only to find that access to your server just disappeared and you need to 
get in front of it to reset via the console....
I use webmin for most of my edits, only make it accessible from the LAN 
and not the WAN. You can always tunnel the :10000 port via ssh and 
access securely from a remote location.
The webmin console is left open while I test, thus I have not yet 
tripped up on this though I can imagine it is not fool proof.
HTH
Rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: rkampen.vcf
Type: text/x-vcard
Size: 196 bytes
Desc: not available
URL: <http://lists.centos.org/pipermail/centos/attachments/20091102/80fb01b7/attachment-0005.vcf>