2.2.3. Examples of iptables Rules

2.2.3. Examples of iptables Rules

This section provides iptables rule examples for enabling IP ports on Red Hat Cluster nodes and computers that run luci. The examples enable IP ports for a computer having an IP address of, using a subnet mask of


Examples are for cluster nodes unless otherwise noted in the example titles.

iptables -A INPUT -i -m multiport -m state --state NEW -p udp -s -d --dports 5404,5405 -j ACCEPT
Example 2.1. Port 5404, 5405: cman

-A INPUT -i -m state --state NEW -m multiport -p tcp -s -d --dports 8084 -j ACCEPT
Example 2.2. Port 8084: luci (Cluster Node or Computer Running luci)

-A INPUT -i -m state --state NEW -m multiport -p tcp -s -d --dports 11111 -j ACCEPT
Example 2.3. Port 11111: ricci (Cluster Node and Computer Running luci)

-A INPUT -i -m state --state NEW -m multiport -p tcp -s -d --dports 14567 -j ACCEPT
Example 2.4. Port 14567: gnbd

-A INPUT -i -m state --state NEW -m multiport -p tcp -s -d --dports 16851 -j ACCEPT
Example 2.5. Port 16851: modclusterd

-A INPUT -i -m state --state NEW -m multiport -p tcp -s -d --dports 21064 -j ACCEPT
Example 2.6. Port 21064: dlm

-A INPUT -i -m state --state NEW -m multiport -p tcp -s -d --dports 41966,41967,41968,41969 -j ACCEPT
Example 2.7. Ports 41966, 41967, 41968, 41969: rgmanager

-A INPUT -i -m state --state NEW -m multiport -p tcp -s -d --dports 50006,50008,50009 -j ACCEPT
Example 2.8. Ports 50006, 50008, 50009: ccsd (TCP)

-A INPUT -i -m state --state NEW -m multiport -p udp -s -d --dports 50007 -j ACCEPT
Example 2.9. Port 50007: ccsd (UDP)

Note: This documentation is provided {and copyrighted} by Red Hat®, Inc. and is released via the Open Publication License. The copyright holder has added the further requirement that Distribution of substantively modified versions of this document is prohibited without the explicit permission of the copyright holder. The CentOS project redistributes these original works (in their unmodified form) as a reference for CentOS-5 because CentOS-5 is built from publicly available, open source SRPMS. The documentation is unmodified to be compliant with upstream distribution policy. Neither CentOS-5 nor the CentOS Project are in any way affiliated with or sponsored by Red Hat®, Inc.