Hi @bernardo_estevao, the following steps worked for me:
Installation of IPtables:
#yum install iptables-services -y
#systemctl start iptables
#systemctl enable iptables
Adding the rules as per task
According to the question, we have to allow app server access through the LBR host, and only on the port mentioned in the task. The second thing here is that we need to reject “every” other incoming connection on the port mentioned.
iptables checks rules in a sequential manner, and when we install iptables the last rule in the INPUT table is a reject-all. So I first replaced that rule using -R with
iptables -R INPUT 5 -p tcp --destination-port <port> -s 172.16.238.14 -j ACCEPT
and then appended this rule to the table:
iptables -A INPUT -p tcp --destination-port <port> -j DROP
Accordingly, iptables will first check the accept rule and allow the incoming connection on the particular port from the LBR host, and then it will go to the next rule, which rejects connections coming on that port.
If we do it the other way around, it will DROP every connection coming on to that port; that is, we have placed the ACCEPT rule first.
Lastly, do not forget to save these rules so they are persistent, and check whether it is accessible from the LBR host and rejects every other host.
#service iptables save
Do let me know if there is anything to add. While doing this task a second time I found many people are stuck with this task, so I thought to write about it. Also, I hope this helps people who are attempting this task and are pretty new to the iptables concept.
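
The rule ordering described in the post, modelled as a small first-match evaluator (an added example, not part of the original post). It assumes the stock iptables-services INPUT chain with policy ACCEPT and a catch-all REJECT as rule 5; `APP_PORT`, `OTHER` and `OTHER_PORT` are constructed placeholders.

```python
# Added illustration: first-match evaluation of an iptables INPUT chain.
# Constructed values (not from the post): APP_PORT stands in for the task's
# port, OTHER is an arbitrary non-LBR host, and only new inbound TCP
# connections are modelled (the stock state/icmp/lo rules are left out).

LBR = "172.16.238.14"    # LBR host address used in the post
OTHER = "172.16.238.99"  # constructed: any host that is not the LBR
APP_PORT = 8080          # placeholder for the port named in the task
OTHER_PORT = 3306        # constructed: some unrelated port


def rule(target, dport=None, src=None):
    """One rule; None means the field matches anything."""
    return {"target": target, "dport": dport, "src": src}


def evaluate(chain, src, dport, policy="ACCEPT"):
    """Return the target of the first matching rule, else the chain policy."""
    for r in chain:
        if r["dport"] in (None, dport) and r["src"] in (None, src):
            return r["target"]
    return policy


def verdicts(chain):
    """Verdicts for the three connections worth testing after the change."""
    return {
        "lbr_to_app": evaluate(chain, LBR, APP_PORT),
        "other_to_app": evaluate(chain, OTHER, APP_PORT),
        "other_to_other_port": evaluate(chain, OTHER, OTHER_PORT),
    }


ssh = rule("ACCEPT", dport=22)                        # stock rule 4
accept_lbr = rule("ACCEPT", dport=APP_PORT, src=LBR)
drop_app = rule("DROP", dport=APP_PORT)
reject_all = rule("REJECT")                           # stock rule 5 (catch-all)

# Order from the post: -R swaps rule 5 for the ACCEPT, -A appends the DROP.
post_chain = [ssh, accept_lbr, drop_app]
# Same two rules the other way round: the DROP wins for every source.
reversed_chain = [ssh, drop_app, accept_lbr]
# Variant (an assumption, not the post's method): keep the catch-all REJECT last.
kept_reject_chain = [ssh, accept_lbr, drop_app, reject_all]

if __name__ == "__main__":
    for name in ("post_chain", "reversed_chain", "kept_reject_chain"):
        print(name, verdicts(globals()[name]))
```

In the model, `post_chain` lets a non-LBR host reach an unrelated port through the chain policy, because rule 5 no longer rejects everything else; `iptables -L INPUT -n --line-numbers` shows whether a catch-all is still present on the real host.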