top button
Flag Notify
    Connect to us
      Facebook Login
      Site Registration Why to Join

Facebook Login
Site Registration

Recommended way of handling iptables firewall in CentOS?

+2 votes
67 views

I'm planning to use CentOS 6.x on a handful of LAN servers. So far I've been using Slackware64 14.0 and 14.1 for the job.

I wonder what's the orthodox/recommended way of configuring and iptables firewall with CentOS. I understand there's the system-config-securitylevel-tui NCurses interface which allows defining a basic set of rules. But what about the handful of more advanced rules I have to configure?

Here's an example of an /etc/rc.d/rc.firewall script that I might use with Slackware. It contains mostly basic rules, and a couple of more advanced rules, one to limit SSH access, the other one to redirect HTTP traffic to Squid.

If I want to copy my actual firewall configuration to CentOS, what would be the recommended way? I started from a bare bones minimal CentOS 6.5 installation, so system-config-securitylevel-tui is not even installed.
Is it a good idea to try to configure /etc/sysconfig/iptables by hand? What do you suggest?

posted Oct 13, 2014 by anonymous

Looking for an answer?  Promote on:
Facebook Share Button Twitter Share Button LinkedIn Share Button

Similar Questions
+6 votes

Noticing multiple threads named "ImageDecoder" showing up in the output of top (when threads are turned on with "H").

Can someone tell me what it is?

+3 votes

I googled to see how I might restart the network interface in CentOS. I initially tried before googling:

sudo service network restart

I noticed that only the loopback interface was restarted. To confirm this I did:

service network stop

and then did

ifconfig

and the loopback info was gone. I then found ifconfig eth0 up/down and tried those and that did what I is was looking for. Why doesn't "service network restart" restart all interfaces?

+4 votes

How to install "Latex2man" (Rpm file) in CentOs?
And what are other dependencies need to be installed with it?

0 votes

I have a server with an 17tb scsi-storage. In past, the storage has a "jfs"-filesystem. Now i want to create a "ext4"-filesystem. I have update the e2fsprogs from 1.41 to 1.42 (16tb limit >1.41).

Now I have an 17tb-storage as /dev/sda1 with ext4. I can mount this device as /home/ (/etc/fstab /dev/sda1 /home/ ext4 defaults 1 2". Now I start a e2fschk /dev/sda1 (umounted). No error-messages are in
the screen.

If I now reboot the server, the server does not started:

I think thats can be a problem with the e2fsprogs 1.42, now i reinstall the server with the default e2fsprogs 1.41 from CentOS 6.4 and create only a 16tb /dev/sda1 partition with ext4. But if i start a "e2fschk
/dev/sda1" and reboot the server, i have the same message in the boot-screen and the server does not boot.

Why the system thinks that the device still be in use? How can i change this?

+1 vote

I have a problem in that at first all my log files were dated 12-31-1969 and logrotate has:

# more /var/lib/logrotate.status
logrotate state -- version 2
"/var/log/yum.log" 1969-12-31-20:26:1
"/var/named/data/named.run" 1969-12-31-20:26:1
"/var/log/httpd/error_log" 2015-8-27-4:43:1
"/var/log/wtmp" 1969-12-31-20:26:1
"/var/log/chrony/*.log" 2015-8-19-22:0:0
"/var/log/spooler" 1969-12-31-20:26:1
"/var/log/btmp" 1969-12-31-20:26:1
"/var/log/maillog" 1969-12-31-20:26:1
"/var/log/wpa_supplicant.log" 2015-8-19-22:0:0
"/var/log/secure" 1969-12-31-20:26:1
"/var/log/ppp/connect-errors" 2015-8-19-22:0:0
"/var/log/messages" 1969-12-31-20:26:1
"/var/log/cron" 1969-12-31-20:26:1
"/var/log/httpd/access_log" 2015-8-27-4:43:1

How do I get this file rebuilt with the dates currently on the files listed?

Contact Us
+91 9880187415
sales@queryhome.net
support@queryhome.net
#280, 3rd floor, 5th Main
6th Sector, HSR Layout
Bangalore-560102
Karnataka INDIA.
QUERY HOME
...