As shown, the Fedora defines a RH-Firewall-1-INPUT chain. The iptables -A INPUT command will be at the end of INPUT chain as shown:[root@mylinux ~]# iptables -A INPUT -p tcp --dport 444 -j ACCEPT
[root@mylinux ~]# cat /etc/services | grep 444snpp 444/tcp # Simple Network Paging Protocol
snpp 444/udp # Simple Network Paging Protocol
The newly-defined filter record will never be executed because INPUT will redirect all the filtering action to RH-Firewall-1-INPUT chain. You should add the filter record to RH-Firewall-1-INPUT chain.
[root@mylinux ~]# iptables -A RH-Firewall-1-INPUT -p tcp --dport 444 -j ACCEPT
Or, You should use the INSERT option.
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:snpp
RH-Firewall-1-INPUT 0 -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:snpp
Remember to run iptables-save command. If you forget running iptables-save, the newly-defined records will be lost when you restart your system.
Why? I define a port under "Other ports". I close the Security Level Configuration window. When I open it again, the definition is not there. iptables -L does not report the open port.???Solution:
After you define a ports, e.g. 5900-5905/tcp, I double-click on one of the Trusted services, e.g. FTP and click button Apply.
The above popup box shows. Click Yes button. In terminal window, run iptables-save command. Then, click OK button on Security Level Configuration window. The configuration is saved.
The /etc/services file has many definitions. When you run iptables -L command, the some port numbers will be replaced with the names, such as 444/udp will be replaced with dpt:snpp.
