Will Warren


Adding firewall rules for Oracle Database using iptables


To connect to a box on your network that is running Oracle Database, you will first need to allow connections to Oracle through your firewall.

If you’re running CentOS, RHEL, Fedora or any other Linux variant that uses iptables, use the following command to create a firewall exception. This assumes your listener is running on port 1521 (check with sudo lsnrctl status). Note that this rule has no source match, so it accepts connections to the port from any address:

sudo iptables -I INPUT -p tcp --dport 1521 -j ACCEPT

Or, to limit connections to a specific IP address (e.g. 192.168.1.20) or an IP block (e.g. 192.168.1.0/24), use the -s option:

sudo iptables -I INPUT -s 192.168.1.0/24 -p tcp --dport 1521 -j ACCEPT

Don’t forget to save your changes to make them permanent (still applied after reboot):

sudo service iptables save

Or

sudo /etc/init.d/iptables save

Bonus round

Check the full status of all your firewall rules with the following command:

sudo iptables -L -n -v --line-numbers
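
To audit for the unrestricted form of the listener rule shown earlier, here is an added example (not from the original post). The function name find_open_listener_rules and the sample rules are constructed for illustration; it reads rules in the format printed by iptables -S INPUT and only understands a single --dport match, not multiport or port ranges.

```shell
#!/bin/sh
# Flag INPUT rules that ACCEPT the Oracle listener port from any source.
# Reads `iptables -S INPUT` style lines on stdin, prints offending rules,
# and returns 1 if at least one was found (0 otherwise).
find_open_listener_rules() {
    awk -v port="${1:-1521}" '
    $1 == "-A" && $2 == "INPUT" {
        src = ""; dport = ""; proto = ""; target = ""
        for (i = 3; i <= NF; i++) {
            if      ($i == "-s")      src    = $(i + 1)
            else if ($i == "--dport") dport  = $(i + 1)
            else if ($i == "-p")      proto  = $(i + 1)
            else if ($i == "-j")      target = $(i + 1)
        }
        # No -s at all, or an explicit 0.0.0.0/0, means "any source".
        if (target == "ACCEPT" && proto == "tcp" && dport == port &&
            (src == "" || src == "0.0.0.0/0")) {
            print
            found = 1
        }
    }
    END { exit (found ? 1 : 0) }'
}

# Constructed sample in `iptables -S INPUT` format (not real output).
SAMPLE_RULES='-P INPUT DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 1521 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -p tcp -m tcp --dport 1521 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT'

# Demo on the sample; on a live host use:
#   sudo iptables -S INPUT | find_open_listener_rules 1521
if ! printf '%s\n' "$SAMPLE_RULES" | find_open_listener_rules 1521; then
    echo "WARNING: listener port 1521 is reachable from any source" >&2
fi
```

Only the rule without -s is reported; the 192.168.1.0/24 rule and the SSH rule are left alone.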
