How to find the config that uses iptables?

M

mr_blond972015-07-24 03:22:20

linux

mr_blond97, 2015-07-24 03:22:20

How to find the config that uses iptables?
The site has iptables configured. Allows connection to port 3306 for only one IP. IP has changed, you need to open the firewall config and change the IP.
I google where its config is located, google says to look in /etc/sysconfig/iptables.old and /etc/sysconfig/iptables-config.
Yeah, I think what I need, I open these configs, they do not have an entry with the desired IP. Apparently iptables uses a custom config. How to find out where he is?

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

L

littleguga, 2015-07-24
@littleguga

Display the list via iptables -L
and delete the old one, add the new
one If I'm not mistaken, the config can be saved anywhere.
or do like here:

In CentOS you have the file /etc/sysconfig/iptables
if it's not there you can create it using iptables-save to write the current rules to file
iptables-save > /etc/sysconfig/iptables
to load the file you don't need restart server just use iptables-restore
iptables-restore < /etc/sysconfig/iptables
via

A

Azazel PW, 2015-07-24
@azazelpw

iptables -S will list the rules
=========
/etc/sysconfig/iptables-config
Wrong file you are opening.
mcedit /etc/sysconfig/iptables
change the rule and
/etc/init.d/iptables restart

D

Disen, 2015-07-24
@Disen

So step number one:
iptables -L -n --line-numbers
this command will list all the numbered rules you have.
step number 2:
iptables -D INPUT num, where num is the number of the deny rule.
With this command we remove the prohibition rule
number 3:
iptables -I INPUT 1 -p tcp -s xxxx --dport 3306 -j ACCEPT With
this command we add a new allow rule to the INPUT chain and put it first. In case you have something like -A INPUT -j REJECT --reject-with icmp-host-prohibited at the end of the chain,
if something doesn't work, send the output of iptables -L -n --line-numbers, boom think.