IPTables Adding and Removing Rules

I recently had to modify some rules for IPTables on CentOS 5.5. It’s a great firewall and very powerful, but man can it be a pain in the rear. Here are some notes to myself that someone may find useful someday :)


/sbin/iptables -D RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2083 -j ACCEPT
/sbin/iptables -D RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2087 -j ACCEPT
/sbin/iptables -D RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
/sbin/iptables -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2083 -j ACCEPT
/sbin/iptables -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 2087 -j ACCEPT
/sbin/iptables -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited

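And when you’re done, write the running rules to the file that is loaded at boot (iptables-save on its own only prints them to standard output):

/sbin/iptables-save > /etc/sysconfig/iptables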
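The delete-and-re-add sequence above keeps the REJECT rule last, but the chain has no REJECT between the third -D and the final -A. As an added example (not part of the original notes), this script reads iptables-save output and prints -I commands that place the new ACCEPT rules directly above the existing REJECT, so it never has to be removed. The function names and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Added example: plan "-I" commands that put new ACCEPT rules just above the
# chain's REJECT rule instead of deleting and re-adding the REJECT.
CHAIN="RH-Firewall-1-INPUT"

# Constructed sample of iptables-save output (not captured from a real host).
sample_ruleset() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# Read iptables-save text on stdin; print the 1-based rule number of the first
# REJECT rule in $CHAIN, or exit non-zero if the chain has none.
reject_position() {
    awk -v chain="$CHAIN" '
        $1 == "-A" && $2 == chain {
            n++
            for (i = 3; i < NF; i++)
                if ($i == "-j" && $(i+1) == "REJECT") { print n; found = 1; exit }
        }
        END { if (!found) exit 1 }
    '
}

# Usage: iptables-save | plan_inserts PORT...
# Prints one insert command per port that is not already allowed in $CHAIN.
plan_inserts() {
    rules=$(cat)
    pos=$(printf '%s\n' "$rules" | reject_position) || { echo "no REJECT rule in $CHAIN" >&2; return 1; }
    for port in "$@"; do
        if printf '%s\n' "$rules" | grep -q -- "^-A $CHAIN .*--dport $port "; then
            continue    # rule for this port already exists; nothing to insert
        fi
        echo "/sbin/iptables -I $CHAIN $pos -p tcp -m state --state NEW -m tcp --dport $port -j ACCEPT"
        pos=$((pos + 1))    # the REJECT moved down one; keep new rules in order
    done
}

# Dry run against the constructed sample; prints the commands, changes nothing.
sample_ruleset | plan_inserts 2083 2087
```

On a live host, feed it the real ruleset with `/sbin/iptables-save | plan_inserts 2083 2087` and review the printed commands before running them.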