防火墙配置

[root@bmspay ~]# cat /etc/sysconfig/iptables
# Generated by iptables-save v1.4.7 on Fri Apr  3 14:16:25 2015
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [97343:15548348]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -p tcp -m tcp --dport 9107 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 9090 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 9106 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 9102 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 9103 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 9099 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 6379 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5000 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5001 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 1521 -j ACCEPT
-A INPUT -s 192.168.103.0/24 -p tcp -m tcp --dport 6022 -j ACCEPT
-A INPUT -s 192.168.103.0/24 -p tcp -m tcp --dport 3306 -j ACCEPT
-A INPUT -s 192.168.103.0/24 -p tcp -m tcp --dport 1521 -j ACCEPT
-A INPUT -s 192.168.104.0/24 -p tcp -m tcp --dport 6022 -j ACCEPT
-A INPUT -s 192.168.75.91/32 -p tcp -m tcp --dport 6022 -j ACCEPT
-A INPUT -s 192.168.35.79/32 -p tcp -m tcp --dport 6022 -j ACCEPT
-A INPUT -s 192.168.76.67/32 -p tcp -m tcp --dport 6022 -j ACCEPT
-A INPUT -s 192.168.76.68/32 -p tcp -m tcp --dport 6022 -j ACCEPT
-A INPUT -s 192.168.76.76/32 -p tcp -m tcp --dport 6022 -j ACCEPT
-A INPUT -s 192.168.76.77/32 -p tcp -m tcp --dport 6022 -j ACCEPT
-A INPUT -s 192.168.76.78/32 -p tcp -m tcp --dport 6022 -j ACCEPT
-A INPUT -s 192.168.76.79/32 -p tcp -m tcp --dport 6022 -j ACCEPT
-A INPUT -s 192.168.76.80/32 -p tcp -m tcp --dport 6022 -j ACCEPT
-A INPUT -s 172.16.44.163/32 -p tcp -m tcp --dport 6022 -j ACCEPT
-A INPUT -s 192.168.131.94/32 -p tcp -m tcp --dport 6022 -j ACCEPT
-A INPUT -s 192.168.50.237/32 -p tcp -m tcp --dport 6022 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-port-unreachable
COMMIT
# Completed on Fri Apr  3 14:16:25 2015
# Generated by iptables-save v1.4.7 on Fri Apr  3 14:16:25 2015
*nat
:PREROUTING ACCEPT [74522:40425345]
:POSTROUTING ACCEPT [5792:304986]
:OUTPUT ACCEPT [5792:304986]
COMMIT
# Completed on Fri Apr  3 14:16:25 2015