[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: how to config 80 port for apache in iptables

Nathan Huang wrote:
Hi guys
who can help me with opening 80 port for apache in iptables, I want to
access my apache server from remote computer,  but I failed in config
iptables with 80 port.

First step:
echo '-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport
80 -j ACCEPT' >> /etc/sysconfig/iptables

Second step:
/sbin/service iptables restart

iptables: Flushing firewall rules:                         [  OK  ]
iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
iptables: Unloading modules:                               [  OK  ]
iptables: Applying firewall rules: iptables-restore: line 15 failed

who can tell me what's wrong with my iptable configuration.

The chain name "RH-Firewall-1-INPUT" is obsolete and should not be used for Fedora >= 9 (system-config-firewall >= 1.2.0). Please use the chain "INPUT" instead.

If you are using system-config-firewall instead of changing /etc/sysconfig/ip*tables by hand, then your configuration changes will be persistent and will not be lost if you are using e.g. libvirt or system-config-firewall or lokkit.

The /etc/sysconfig/ip*tables files are only used to be able to feed the ip*tables services. If you do not want to use system-config-firewall and want to administer your firewall configuration on your own, you should use "lokkit --disabled". But keep in mind that you should do this before you are writing the configuration files /etc/sysconfig/ip*tables, because they will be removed in versions prior to F-11 and renamed to /etc/sysconfig/ip*tables.old with F-11 and later.

Thomas (the author of system-config-firewall)

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]