Randy Randy - 6 months ago 19
Apache Configuration Question

Edit IPTables firewall to enable port 80 doesnt work

I have configured my /etc/sysconfig/iptables file to accept port 80 (not manually, but the file got edited the correct way according to tutorials). The file looks like:

sy# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 5353 -d -j ACCE$
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited

According to my tutorial (and other tuts) the line telling
port 80 -j ACCEPT
should do the trick to enable port 80, but only after disabling my firewall it actually works (danger..).

What can i do to edit my firewall further to accept port 80? I only have access through SSH.

I have added

-A INPUT -i eth0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -o eth0 -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT

to my table deleting

-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT

but that did not do the trick.


I found out that my IPTables settings had nothing to do with firewalld. It was completely ignored (duh.. iptables is another app, using different config files than firewalld).

I have removed firewalld, and made iptables the default firewall.

  • Remove firewalld

  • install (if not installed already) iptables

  • edit /etc/sysconfig/iptables

  • add -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT

  • execute the following command (fedora, most likely all redhat distro's):

    • # service iptables save
  • or execute the following command (debian, ubuntu, most likely all debian distro's)

    • # /etc/init.d/iptables save