| 152 | = Step 8: Configure host firewall to allow SFA = |
| 153 | |
| 154 | If your myplc is running iptables, you will need to add rules to allow inbound connections to the `sfa-server.py` daemon, which listens on three ports. Add the following rules to `/etc/sysconfig/iptables`: |
| 155 | {{{ |
| 156 | -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 12345 -j ACCEPT |
| 157 | -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 12346 -j ACCEPT |
| 158 | -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 12347 -j ACCEPT |
| 159 | }}} |
| 160 | placing them immediately ''before'' the default reject rule: |
| 161 | {{{ |
| 162 | -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited |
| 163 | }}} |
| 164 | |
| 165 | Then restart iptables: |
| 166 | {{{ |
| 167 | sudo service iptables restart |
| 168 | }}} |
| 169 | |