Hi trying to allow a service to run on my server.

i can get it to work when i stop iptables and when i start it it no longer works.
(web based application (cpanel))

Now i know the ports it uses and all but i don't know how to add them.

thank you in advance

For better understanding of what im trying to do -

ok so i sorta now how to insert rules and how to save them.

for example:

iptables -A INPUT -s 192.168.0.6 (internal IP address or 0/0) -i eth0 -d 192.168.0.2 (internal IP for server) -p TCP UDP \ --sport 2086:2087 --dport 80 -j ACCEPT

When logging into the main pannel it goes through https://192.168.0.2:2087

I tried this but still no go, any clue what im doing wrong\

thank you

This is part of your problem. If you are using SSL to connect (https instead of http) you need to open port 443. SSL doesn't work on port 80.

And you might try this re-write of your rule:

iptables -A INPUT -s 192.168.0.0/24 -i eth0 -p all --dport 443 -j ACCEPT

The 192.168.0.0/24 will allow any IP address from the 192.168.0 range so if you are using DHCP for your internal network, you don't have to worry about setting up static IP addresses. I'm also a little confused about why you want to limit the source port range. This actually may be another part of the problem unless you know that your browser is always going to use those ports. Unless yo've done something to lock your browser down, odds are it is using something else. Finally, unless you are using this box as a router, -i eth0 and -d 192.168.0.2 are kind of redundant. Personally I prefer to use -i, but that is a personal preference.

I tried that and it told me that --dport is an unknown argument?

Hmm. I suppose you may have to specifiy TCP when using --dport, but I thought it would work with all. Does this work?

iptables -A INPUT -s 192.168.0.0/24 -i eth0 -p tcp --dport 443 -j ACCEPT

That is almost verbatim from my firewall so it should work. You also might want to check again for typos. They can kill a firewall.