Appliance IP Tables

Article ID: 224325

Updated On:

Products

CA API Gateway

Issue/Introduction

I need to have certain ports open when ssg is not running. Where can I update the appliance iptables so that my custom firewall settings will remain in effect even when the gateway service is not running?

Cause

The Gateway manages iptables from within its application. Ports that are needed while the Gateway is not running need to be added to iptables manually.

Environment

Release : 10.0

Component :

Resolution

Steps:

  • Open the file /etc/sysconfig/iptables in a text editor.
  • Add a rule above the line “ADD CUSTOM ALLOW RULES HERE”.

For example, to allow inbound connections on port 8888 on the appliance's private-side network interface, add a rule similar to the following:

    # Allow inbound connections on private interface 8888
    [0:0] -A INPUT -i ssg_eth0 -p tcp -m tcp --dport 8888 -j ACCEPT
    #
    # ADD CUSTOM ALLOW RULES HERE

  • Save and close the iptables file.
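
The edit described in the steps above, as an added shell example that is not part of the original article or the vendor's tooling: it validates the port and interface, refuses to touch a file that does not carry the marker exactly once, keeps a backup, and is safe to run twice. The function names and the sample file content are constructed for illustration; the marker text and the rule format are taken from the article.

```shell
#!/bin/sh
# Added example (not vendor code): insert an ACCEPT rule above the marker line.
MARKER='# ADD CUSTOM ALLOW RULES HERE'

# add_custom_allow_rule FILE IFACE PORT
# Returns 0 = rule present afterwards, 2 = bad argument, 3 = marker not found
# exactly once, 4 = could not write.
add_custom_allow_rule() {
    local file="$1" iface="$2" port="$3" rule tmp rc
    # Accept only a decimal TCP port in 1-65535.
    case $port in ''|*[!0-9]*) return 2 ;; esac
    [ "${#port}" -le 5 ] && [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || return 2
    # Conservative interface-name check so nothing else lands in the rule line.
    case $iface in ''|*[!A-Za-z0-9_.-]*) return 2 ;; esac
    [ "${#iface}" -le 15 ] || return 2
    # Refuse to edit a file that does not carry the marker exactly once.
    [ "$(grep -cxF -- "$MARKER" "$file" 2>/dev/null)" = 1 ] || return 3
    rule="[0:0] -A INPUT -i $iface -p tcp -m tcp --dport $port -j ACCEPT"
    # Idempotent: an identical rule line means there is nothing to do.
    grep -qxF -- "$rule" "$file" && return 0
    cp -p -- "$file" "$file.bak" || return 4      # keep a rollback copy
    tmp=$(mktemp "$file.XXXXXX") || return 4
    awk -v marker="$MARKER" -v rule="$rule" -v port="$port" '
        $0 == marker { print "# Allow inbound TCP " port " (custom rule)"; print rule }
        { print }' "$file" > "$tmp" &&
        cat "$tmp" > "$file"       # overwrite in place: owner and mode unchanged
    rc=$?
    rm -f -- "$tmp"
    [ "$rc" -eq 0 ] || return 4
}

# Constructed sample file; the real appliance file has more content.
make_sample() {
    printf '%s\n' '*filter' ':INPUT DROP [0:0]' '#' "$MARKER" 'COMMIT' > "$1"
}

# Demo on the constructed sample only (never touches /etc/sysconfig/iptables).
if [ "${1:-}" = demo ]; then
    f=$(mktemp) && make_sample "$f"
    add_custom_allow_rule "$f" ssg_eth0 8888 && cat "$f"
    rm -f -- "$f" "$f.bak"
fi
```

Run as root, `iptables-restore --test < /etc/sysconfig/iptables` parses the edited file without committing it, and the `.bak` copy is there for rollback.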