# 安装iptables-services
[root@localhost bin]# yum install iptables-services
[root@localhost bin]# /bin/systemctl status iptables.service
# 临时开放端口
[root@localhost sysconfig]# iptables -I INPUT -p tcp --dport 8080 -j ACCEPT
# 重启iptables临时端口失效
[root@localhost sysconfig]# /bin/systemctl restart iptables iptables.service
[root@localhost sysconfig]# vi /etc/sysconfig/iptables
======================================================================================
# Generated by iptables-save v1.4.21 on Fri May  5 12:59:45 2017
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [27:2044]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Fri May  5 12:59:45 2017
# Generated by iptables-save v1.4.21 on Fri May  5 12:59:45 2017
*nat
:PREROUTING ACCEPT [81:4944]
:INPUT ACCEPT [1:92]
:OUTPUT ACCEPT [3:228]
:POSTROUTING ACCEPT [3:228]
COMMIT
# Completed on Fri May  5 12:59:45 2017
======================================================================================
# -A INPUT -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
# 8080端口永久生效
[root@localhost sysconfig]# /bin/systemctl restart iptables iptables.service
[root@localhost sysconfig]# lsof -i:8080
COMMAND   PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
java    15665 sony   48u  IPv6  53192      0t0  TCP *:webcache (LISTEN)

# telnet 192.168.1.106 8080