Linux 增加对外开放的端口

查看端口是否对外开放

/etc/init.d/iptables status

# /etc/init.d/iptables status
表格：filter
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination         
1    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:3306 
2    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
3    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED 
4    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:22 
5    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:80 
6    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:443 
7    DROP       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:3306 
8    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 8 
9    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED 
10   ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           
11   ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
12   ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22 
13   REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited 

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination         
1    REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited 

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination         

You have new mail in /var/spool/mail/root

增加新的端口【永久】

vim /etc/sysconfig/iptables

增加

-A INPUT -p tcp -m tcp --dport 8888 -j ACCEPT

# Generated by iptables-save v1.4.7 on Wed Oct 10 09:24:47 2018
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [774:133261]
-A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8888 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3306 -j DROP
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Wed Oct 10 09:24:47 2018

重启后，即可看到开启情况。

/etc/init.d/iptables restart

# /etc/init.d/iptables status | grep 8888
5    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:8888 
You have new mail in /var/spool/mail/root