1)查看80端口是否打开(肯定没打开)
[root@centos5 conf]# iptables -L -n
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  0.0.0.0/0            0.0.0.0/0
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  0.0.0.0/0            0.0.0.0/0
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 255
ACCEPT     esp  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     ah   --  0.0.0.0/0            0.0.0.0/0
ACCEPT     udp  --  0.0.0.0/0            224.0.0.251         udp dpt:5353
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:631
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:631
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited
2)编辑防火墙规则文件
[root@centos5 conf]# vim /etc/sysconfig/iptables
新增规则如下(必须写在该链最后一条 REJECT 规则之前;iptables 按顺序逐条匹配,写在 REJECT 之后不会生效):
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
3)重启iptables
[root@centos5 conf]# service iptables restart
4)再次查看(重新执行 iptables -L -n,确认 dpt:80 的 ACCEPT 规则位于 REJECT 之前)
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  0.0.0.0/0            0.0.0.0/0
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  0.0.0.0/0            0.0.0.0/0
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 255
ACCEPT     esp  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     ah   --  0.0.0.0/0            0.0.0.0/0
ACCEPT     udp  --  0.0.0.0/0            224.0.0.251         udp dpt:5353
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:631
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:631
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:80
REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited