I would like to do the following, but I'm having a hard time doing so using iptables in CentOS:
- I would like to accept inbound connections only on ports 80, 443, 22, snmp and 3306 to my server
- I would like to be able to allow all outbound ports
- I would like all other inbound connections to be dropped
Open your iptables file (/etc/sysconfig/iptables) and add the following lines below the
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
line:
Restart iptables:
By default, iptables allows all outbound ports.
lokkit
will give you a simple interface to configure iptables with.

Put these rules in a shell script....
#!/bin/sh
# 1 (change eth0 for your interface). The loopback and state rules go first,
# so the SSH session you run this from is not cut off when the policy flips to DROP.
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i eth0 -p tcp -m multiport --dports 80,443,22,3306 -j ACCEPT
# snmp is UDP/161; a tcp-only rule would not open it
iptables -A INPUT -i eth0 -p udp --dport 161 -j ACCEPT
# 2
iptables -P OUTPUT ACCEPT
# 3
iptables -P INPUT DROP
iptables -P FORWARD DROP
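The two answers above give the same policy in two forms: lines for /etc/sysconfig/iptables and a list of iptables commands. The script below is an added example, not code from either answer; it generates the whole rule set in the iptables-save format that /etc/sysconfig/iptables holds on CentOS, so you can review it before it touches the running firewall. It assumes the public interface is eth0 (set IFACE to override) and that your SNMP agent listens on UDP 161; the ESTABLISHED,RELATED rule is placed before any DROP policy so the SSH session you apply it from survives.

```shell
#!/bin/sh
# Added example: build an iptables-restore file implementing the question's policy.
# Assumptions (not from the original answers): external interface eth0, SNMP on UDP/161.
# Usage: sh gen-firewall.sh > /etc/sysconfig/iptables && service iptables restart

IFACE="${IFACE:-eth0}"          # change to your interface
TCP_PORTS="22,80,443,3306"      # inbound TCP services to publish
UDP_PORTS="161"                 # SNMP is UDP; a tcp-only rule would leave it closed

# gen_rules prints the rule set in iptables-save format (the layout of
# /etc/sysconfig/iptables on CentOS). Lines starting with '#' are ignored
# by iptables-restore, so the comments can stay in the file.
gen_rules() {
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# loopback: local clients (e.g. mysql over 127.0.0.1) must keep working
-A INPUT -i lo -j ACCEPT
# replies to our own outbound connections, plus related traffic (ICMP errors)
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# new inbound connections only to the published services
-A INPUT -i ${IFACE} -p tcp -m state --state NEW -m multiport --dports ${TCP_PORTS} -j ACCEPT
-A INPUT -i ${IFACE} -p udp -m udp --dport ${UDP_PORTS} -j ACCEPT
# everything else falls through to the DROP policy on INPUT and FORWARD
COMMIT
EOF
}

# ruleset_allows PROTO PORT: exit 0 if the generated rule set opens PORT/PROTO
# inbound, 1 otherwise. Handy as a check before installing the file.
ruleset_allows() {
    proto="$1"; port="$2"
    gen_rules \
      | grep -- "-p ${proto}" \
      | grep -E -- "--dports? ([0-9]+,)*${port}(,|\$| )" \
      | grep -q -- '-j ACCEPT'
}

# When run directly, print the rule set to stdout.
gen_rules
```

Back up the existing /etc/sysconfig/iptables before overwriting it, since this file replaces the stock RH-Firewall-1-INPUT chain rather than adding to it. Apply it from the console if you can; if you must do it over SSH, the ordering above keeps the current session alive, but a typo in the file makes `service iptables restart` fail closed, so keep a second session open until you have confirmed you can still log in.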
The answers given already will definitely do what you need. But really, you should understand how your firewall works if you're going to administer it. Surprisingly, the CentOS documentation for setting up iptables is easy to understand and gives a good base for getting it set up. So instead of just taking these guys' word for it and sticking these firewall rules up, read a bit and find out what they are doing.
http://wiki.centos.org/HowTos/Network/IPTables