Example: after changing the SSH remote-login port, how to open the new port in iptables (here the default port 22 has been changed to port 33).

#Run this command to open port 33.
[root@niaoyun ~]# iptables -I INPUT -p tcp --dport 33 -j ACCEPT

#List the firewall rules; port 33 is now open.
[root@niaoyun ~]# iptables -nvL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:33
  295 23186 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
   34  2310 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
 2342  200K REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT 15 packets, 1412 bytes)
 pkts bytes target     prot opt in     out     source               destination

#The iptables rules have changed, so they need to be saved.
[root@niaoyun ~]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]

#Once saved, restart the iptables service.
[root@niaoyun ~]# service iptables restart
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: [ OK ]
iptables: Applying firewall rules: [ OK ]

#The same method can be used to open the default web port 80.
iptables -I INPUT -p tcp --dport 80 -j ACCEPT && service iptables save && service iptables restart
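In the listing above the port 33 ACCEPT sits ahead of the catch-all REJECT because it was added with `-I`; iptables stops at the first matching rule, so position decides the outcome. The following added example (not part of the original page) is a simplified first-match check over `iptables -nvL` output; the function names and both sample listings are constructed, and the second listing assumes the rule had been appended with `-A` instead.

```shell
#!/bin/sh
# first_verdict PORT: read `iptables -nvL` output on stdin and print the verdict a
# NEW inbound TCP connection to PORT from any remote address gets in INPUT.
# Simplified: only unrestricted rules (in=*, 0.0.0.0/0) with dpt:/state matches.
first_verdict() {
    awk -v port="$1" '
        $1 == "Chain" { in_input = ($2 == "INPUT"); if (in_input) policy = $4; next }
        !in_input || NF < 9 || $1 == "pkts" { next }       # other chains, headers
        { rule++ }                                         # position within INPUT
        $6 != "*" || $8 != "0.0.0.0/0" || $9 != "0.0.0.0/0" { next }
        $4 != "tcp" && $4 != "all" { next }
        {
            hit = 1
            for (i = 10; i <= NF; i++) {
                if ($i ~ /^dpt:/ && $i != ("dpt:" port)) hit = 0
                if (($i == "state" || $i == "ctstate") && $(i+1) !~ /NEW/) hit = 0
            }
            if (hit && $3 ~ /^(ACCEPT|REJECT|DROP)$/) {
                print $3 " rule " rule; decided = 1; exit
            }
        }
        END { if (!decided) print policy " policy" }       # nothing matched
    '
}

listing_inserted() {   # constructed sample: INPUT chain after `iptables -I`
    cat <<'EOF'
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target prot opt in out source destination
    0     0 ACCEPT tcp  -- *  * 0.0.0.0/0 0.0.0.0/0 tcp dpt:33
  295 23186 ACCEPT all  -- *  * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
   34  2310 ACCEPT icmp -- *  * 0.0.0.0/0 0.0.0.0/0
    0     0 ACCEPT all  -- lo * 0.0.0.0/0 0.0.0.0/0
 2342  200K REJECT all  -- *  * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
EOF
}

listing_appended() {   # constructed sample: same rules, port 33 added with -A
    cat <<'EOF'
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
  295 23186 ACCEPT all  -- *  * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
   34  2310 ACCEPT icmp -- *  * 0.0.0.0/0 0.0.0.0/0
    0     0 ACCEPT all  -- lo * 0.0.0.0/0 0.0.0.0/0
 2342  200K REJECT all  -- *  * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
    0     0 ACCEPT tcp  -- *  * 0.0.0.0/0 0.0.0.0/0 tcp dpt:33
EOF
}

echo "port 33, inserted: $(listing_inserted | first_verdict 33)"
echo "port 33, appended: $(listing_appended | first_verdict 33)"
echo "port 22, inserted: $(listing_inserted | first_verdict 22)"
```

On a live host the same function can be fed with `iptables -nvL INPUT | first_verdict 33` before closing the existing SSH session.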