How can I use iptables to open ports 21001-22000 in a cluster, allowing the worker nodes to communicate between them and with the front-end?

The cluster is configured with CentOS 6.3, Rocks 6.1 and iptables 1.4.7.

RSFalcon7

1 Answer

The following command run as root will do that:

# iptables -A INPUT -p tcp --dport 21001:22000 -j ACCEPT

Check the iptables(8) manpage for details.

dawud
Daniel Widrick
  • @IVint67 Will this allow both **incoming** and **outgoing** traffic between workers and front-end? – RSFalcon7 Sep 24 '13 at 12:46
  • @RSFalcon without more details, this is the best I can do for you. What connects to what with what? – Daniel Widrick Sep 24 '13 at 12:48
  • @IVint67 As far as I understand this system: all nodes are connected in an internal network (10.1.0.0/16), the only node with actual internet access is the front-end (which has more than one network interface, one for the internal and another for the external connection) – RSFalcon7 Sep 24 '13 at 13:02
  • @RSFalcon7, I would update your question with that information. It sounds like you need [D]NAT and once done you will likely find your answers here: http://serverfault.com/questions/140622/how-can-i-port-forward-with-iptables – Daniel Widrick Sep 24 '13 at 13:06
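
Added example, not part of the original answer or comments: `-A` appends to the end of the INPUT chain, so the rule is never reached if an earlier rule already rejects everything, and without `-s` it accepts the port range from any source, including the front-end's external interface. The script below finds the first catch-all in a ruleset and prints a rule limited to the internal network 10.1.0.0/16 mentioned in the comments. The sample ruleset and the function names are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `iptables -S INPUT` output, modelled on a stock
# CentOS 6 ruleset (not taken from the cluster in the question).
SAMPLE_RULES='-P INPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited'

# Print the 1-based position of the first unconditional REJECT/DROP rule in
# the INPUT chain, or 0 if there is none. Rules placed after such a rule
# are never evaluated.
first_catch_all() {
    printf '%s\n' "$1" | awk '
        /^-A INPUT / {
            n++
            if ($0 ~ /^-A INPUT -j (REJECT|DROP)( |$)/) { print n; found = 1; exit }
        }
        END { if (!found) print 0 }'
}

# Print the command that opens TCP ports $2:$3 to source network $1 only,
# positioned ahead of any catch-all found in the ruleset passed as $4.
# Nothing is applied; the operator reviews and runs the output as root.
build_rule() {
    net=$1; lo=$2; hi=$3; rules=$4
    for p in "$lo" "$hi"; do
        case $p in
            ''|*[!0-9]*) echo "ports must be numeric" >&2; return 1 ;;
        esac
    done
    if [ "$lo" -lt 1 ] || [ "$hi" -gt 65535 ] || [ "$lo" -gt "$hi" ]; then
        echo "invalid port range" >&2; return 1
    fi
    pos=$(first_catch_all "$rules")
    if [ "$pos" -gt 0 ]; then
        echo "iptables -I INPUT $pos -s $net -p tcp --dport $lo:$hi -j ACCEPT"
    else
        echo "iptables -A INPUT -s $net -p tcp --dport $lo:$hi -j ACCEPT"
    fi
}

build_rule 10.1.0.0/16 21001 22000 "$SAMPLE_RULES"
```

On a live node, pass the output of `iptables -S INPUT` instead of the sample, and repeat on each node that must accept these connections.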