首先查看当前规则:
iptables --list
[root@joytest1 ~]# iptables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- xxxx.xxxx.50.45 anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
ACCEPT icmp -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:svn
ACCEPT tcp -- anywhere anywhere tcp dpt:pptp
ACCEPT gre -- anywhere anywhere
ACCEPT udp -- anywhere anywhere udp dpt:domain
DROP all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:ni-ftp
增加:
iptables -A INPUT -s xxx.xx.xxx.xxx -j ACCEPT
重启服务
service iptables restart