How can I use iptables to open ports 21001-22000 in a cluster, allowing the worker nodes to communicate between them and with the front-end?
The cluster is configured with CentOS 6.3, Rocks 6.1 and iptables 1.4.7.
Asked
Active
Viewed 497 times
1 Answers
2
The following command run as root will do that:
# iptables -A INPUT -p tcp --dport 21001:22000 -j ACCEPT
Check the iptables(8) manpage for details.
dawud
- 14,918
- 3
- 41
- 61
Daniel Widrick
- 3,418
- 2
- 12
- 26
-
@IVint67 Will this allow both **incoming** and **outcoming** traffic between workers and front-end? – RSFalcon7 Sep 24 '13 at 12:46
-
@RSFalcon without more details, this is the best I can do for you. What connects to what with what? – Daniel Widrick Sep 24 '13 at 12:48
-
@IVint67 As far has I understand this system: all nodes are connected in intern network (10.1.0.0/16), the only node with actual internet acess is the front-end (who has more than one network intercafe, one for the intern and other for external connection) – RSFalcon7 Sep 24 '13 at 13:02
-
@RSFalcon7, I would update your question with that information. It sounds like you need [D]NAT and once done you will likely find your answers here: http://serverfault.com/questions/140622/how-can-i-port-forward-with-iptables – Daniel Widrick Sep 24 '13 at 13:06