Tutorial on CentOS 7 to check the opening status of iptables firewall and add open specified ports

If the SSH port of the VPS is the default 22, then your VPS is likely to be batch scanned by others to brute force your SSH login password. The effective way to prevent this problem is to modify the SSH port. The CentOS 7 systems of some VPS manufacturers will enable the iptables firewall by default, so we need to open a new SSH port in the firewall. The specific tutorial is introduced below.

1. Check the opening status of iptables

Not all CentOS 7 has the iptables firewall turned on by default, so we need to first check whether iptables on our VPS is running:

service iptables status

If it returns active, it is in the open state, and you need to open the port in iptables. If iptables is not turned on here, but your new port still cannot be connected, then it may be that other firewalls are turned on, such as firewalld and SELinux. How to check the status of these two firewalls and add allowed ports, please refer to: "CentOS7 Modify SSH" Port, you need to set up Firewalld and SELinux to release the new port.

2. Add release port to iptables

For example, here we want to add a new allowed port 2222.

1. Open the port

Add a new CentOS 7 firewall rule in the INPUT chain to allow the specified port 2222.

iptables -I INPUT -p tcp --dport 2222 --syn -j ACCEPT

2. Save settings

Save the new iptables firewall settings so that they will take effect when you restart the VPS.

service iptables save

3. View rules

Check whether the specified CentOS 7 firewall port is opened successfully.

iptables-vnL

Here you can see that we have successfully added port 2222 to the iptables firewall:

Recommended site searches: US attack-proof server, cheapest cloud server, high-defense server rental qy, icp filing website, ip reverse check, filing-free space free network, Ministry of Industry and Information Technology filing query, the best virtual host in mainland China, Domain name registration, Wanwang space,