Installation

Trouble with iptables script (ww_install script)

Re: Trouble with iptables script (ww_install script)

by Danny Glin -
It looks like iptables_rules.sh has the name of the network interface hard-coded as eth0. You could try changing all mentions of eth0 to the name of your interface if you want to use the script, though I suspect the script has not been very well tested.

In answer to your question, I believe you only need to allow port 80 (and 443 if you want to use https). I believe that this is the command you want:
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
(repeat for port 443 if desired). Note you will have to save these rules in configuration (put everything from "-A..." onward into /etc/sysconfig/iptables) if you want them to be loaded when iptables starts.

Note also that by default CentOS 7 uses firewalld to manage firewall rules, which sits on top of iptables. If firewalld is running, then it's a bad idea to edit iptables rules directly, as firewalld will likely blow away any changes you make.

Based on your iptables rules it looks like you've already disabled firewalld in favour of just iptables. It also looks like you're allowing all incoming traffic with "ACCEPT all -- anywhere anywhere". I'm assuming this is just during the debugging phase. You should be able to replace this with rules allowing incoming traffic on ports 22, 80 and maybe 443.
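
The following is an added example, not part of the original post and not code from the ww_install script. It checks a rule listing for an accept-all INPUT rule and for hard-coded interface names, and prints a replacement ruleset in the /etc/sysconfig/iptables format for ports 22, 80 and 443. The function names, the sample rules, the DROP policies and the conntrack rule are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. Nothing here touches the live firewall; it only reads and
# prints rule text.

# Constructed sample in "iptables -S" format (not the poster's real rules).
SAMPLE='-P INPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -j ACCEPT'

# find_accept_all: print INPUT rules on stdin that accept everything.
find_accept_all() {
    awk 'NF == 4 && $1 == "-A" && $2 == "INPUT" && $3 == "-j" && $4 == "ACCEPT"'
}

# rule_ifaces: interface names the rules on stdin reference via -i / -o,
# for comparison with the names the host really has ("ip -o link").
rule_ifaces() {
    awk '{ for (i = 1; i < NF; i++) if ($i == "-i" || $i == "-o") print $(i + 1) }' | sort -u
}

# gen_rules [PORT...]: ruleset in the /etc/sysconfig/iptables (iptables-save)
# format that drops inbound traffic except the listed TCP ports.
# Assumptions: default ports 22 80 443, DROP policy on INPUT and FORWARD.
gen_rules() {
    [ "$#" -gt 0 ] || set -- 22 80 443
    for port in "$@"; do
        case "$port" in ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;; esac
        [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "bad port: $port" >&2; return 1; }
    done
    printf '%s\n' '*filter' ':INPUT DROP [0:0]' ':FORWARD DROP [0:0]' ':OUTPUT ACCEPT [0:0]'
    echo '-A INPUT -i lo -j ACCEPT'
    echo '-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT'
    for port in "$@"; do
        echo "-A INPUT -p tcp --dport $port -j ACCEPT"
    done
    echo 'COMMIT'
}

# Run the checks on the sample, then print the replacement ruleset.
printf '%s\n' "$SAMPLE" | find_accept_all
printf '%s\n' "$SAMPLE" | rule_ifaces
gen_rules 22 80 443
```

`iptables -L` without `-v` does not show the interface column, so a loopback-only rule such as `-A INPUT -i lo -j ACCEPT` is also listed as "ACCEPT all -- anywhere anywhere"; `iptables -S` shows which kind of rule it is.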