If you insert the following rules in iptables,
iptables -A INPUT -p tcp –dport 1234 -j DROP
The firewall will block the connections to the port 1234 from remote computers. I wonder if iptables can also block the connections from local machine. To test if you can connect to a specified port on a host, you should use telnet, which is not installed on CentOS by default. You should install it first,
yum install telnet
The command to test the connectivity of an ip address/port combination is:
telnet xx.xx.xx.xx port
If there is no program running on the server listening on the port(but the port is not blocked by firewall), the output of the command is:
telnet: connect to address xx.xx.xx.xx: Connection refused
This message is confusing because you would think some program listens on this port but refuses the connection. If you use telnet on Windows, the output is:
Connecting To domainhostseotool.com…Could not open connection to the host, on port xxx: Connect failed
If the port is blocked by firewall, the output of telnet is:
telnet: connect to address xx.xx.xx.xx: Connection timed out
If the port is opened and not blocked, the output is:
Escape character is ‘^]’.
I use telnet to connect to localhost(or 127.0.0.1) on specific port and find the firewall also takes effect for local connections. That is to say, if you block a port, neither connection from remote server nor connection from local computer can succeed.
By the way, do not use the ssh command to test the connectivity.
ssh root@127.0.0.1 -p 1234
will not produce anything even the port 1234 is opened and not blocked.
