Hello All,

I have a dedicated server which acts as an edge server for my Wowza load balancer. I need the following ports open for it to work properly.

- Ports: 80, 1935, 8084, 8085 and port 22 for me to connect via SSH
- All ports above should have INPUT/OUTPUT allowed
- I also would like to keep all outgoing from the server allowed

I have attempted numerous times, but most of the time it doesn't work and I even got kicked out of the server. Here is what I have (I directly edit /etc/sysconfig/iptables and then run /etc/init.d/iptables restart):

    # Generated by iptables-save v1.3.5 on Fri Sep 23 17:40:16 2011
    *filter
    :INPUT DROP [28:2302]
    :FORWARD DROP [0:0]
    :OUTPUT ACCEPT [26:3152]
    -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
    -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
    -A INPUT -m state --state NEW -m tcp -p tcp --dport 1935 -j ACCEPT
    -A INPUT -m state --state NEW -m tcp -p tcp --dport 8084 -j ACCEPT
    -A INPUT -m state --state NEW -m tcp -p tcp --dport 8085 -j ACCEPT
    -A INPUT -m state --state NEW -m tcp -p tcp --dport 8086 -j ACCEPT
    COMMIT
    # Completed on Fri Sep 23 17:40:16 2011

Any help in this regard is really appreciated.
Add these rules (console commands) to open the ports you want (change eth0 accordingly to match your network device). These rules will accept new incoming connections to your desired ports.

    iptables -A INPUT -i eth0 -p TCP --dport 22 -m state --state NEW -j ACCEPT
    iptables -A INPUT -i eth0 -p TCP --dport 80 -m state --state NEW -j ACCEPT
    iptables -A INPUT -i eth0 -p TCP --dport 1935 -m state --state NEW -j ACCEPT
    iptables -A INPUT -i eth0 -p TCP --dport 8084 -m state --state NEW -j ACCEPT
    iptables -A INPUT -i eth0 -p TCP --dport 8085 -m state --state NEW -j ACCEPT
    iptables -A INPUT -i eth0 -p TCP --dport 8086 -m state --state NEW -j ACCEPT

Add this rule to accept packets from already established connections.

    iptables -A INPUT -p TCP -m state --state ESTABLISHED,RELATED -j ACCEPT

Byezz
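Added example, not part of either post: a script that writes the whole filter table in iptables-restore format for the ports in the question and checks a ruleset for the lockout conditions discussed above before it is loaded. The function names `build_rules` and `lint_rules` are hypothetical, and the loopback rule is an assumption added here.

```shell
#!/bin/sh
# Added example; build_rules and lint_rules are hypothetical helper names.

# Print a complete filter table for the TCP ports given as arguments.
build_rules() {
    echo '*filter'
    echo ':INPUT DROP [0:0]'
    echo ':FORWARD DROP [0:0]'
    echo ':OUTPUT ACCEPT [0:0]'
    # Assumption: local services also talk to each other over loopback.
    echo '-A INPUT -i lo -j ACCEPT'
    # Packets of sessions already accepted, and replies to outgoing connections.
    echo '-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT'
    for port in "$@"; do
        echo "-A INPUT -p tcp -m state --state NEW -m tcp --dport $port -j ACCEPT"
    done
    echo 'COMMIT'
}

# Read a ruleset on stdin; print one line per lockout risk, return 1 if any.
lint_rules() {
    rules=$(cat)
    problems=0
    # Only a default-drop INPUT policy can cut off an existing session.
    case "$rules" in *':INPUT DROP'*) ;; *) return 0 ;; esac
    printf '%s\n' "$rules" |
        grep -Eq '^-A INPUT .*--state [A-Z,]*ESTABLISHED.*-j ACCEPT' ||
        { echo 'no ESTABLISHED accept rule: only the first packet of a connection passes'; problems=1; }
    printf '%s\n' "$rules" | grep -Eq '^-A INPUT .*--dport 22 .*-j ACCEPT' ||
        { echo 'no accept rule for SSH (tcp/22)'; problems=1; }
    printf '%s\n' "$rules" | grep -Eq '^-A INPUT .*-i lo .*-j ACCEPT' ||
        { echo 'no loopback accept rule'; problems=1; }
    return $problems
}

# Ports listed in the question. Redirect the output to a file, lint it,
# then check the syntax with: iptables-restore --test < file
build_rules 22 80 1935 8084 8085
```

Piping the ruleset posted in the question through `lint_rules` reports the missing ESTABLISHED and loopback rules.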