Question

I'm working on a RHEL server and I need to add an exception in the firewall, so you can always access on Port 3000...

How can I do this?


Thanks @Rahul R Dhobi:

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 3000 -j ACCEPT

I have added this after my other rules, but I only get an error,

iptables: Applying firewall rules: iptables-restore: line 13 failed
                                                           [FAILED]

when restarting the service. As I'm really new to Linux/iptables, I can't really tell if it's a syntax error or something else.

I also tried

-A INPUT -m state --state NEW -m tcp -p tcp --dport 3000 -j ACCEPT

Now I don't get an Error anymore, but I still can't access through port 3000.

# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3000 -j ACCEPT
COMMIT

Solution

Open file /etc/sysconfig/iptables:

# vi /etc/sysconfig/iptables

Append rule as follows:

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 3000 -j ACCEPT

Restart iptables service

# service iptables restart

Verify connection on port

netstat -a | grep 3000
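
An added example, not part of the original question or answer: a shell lint for the two failures the question shows, a rule appended to a chain the rules file never declares and a rule placed after the catch-all REJECT of its chain. The function names and the sample file (the question's listing with both attempted rules appended) are constructed for this illustration.

```shell
#!/bin/sh
# Lint an iptables-save style rules file (e.g. /etc/sysconfig/iptables) for:
#   1. a rule appended to a chain the file never declares with ":CHAIN ..."
#   2. a rule placed after an unconditional ACCEPT/DROP/REJECT in the same chain
# Assumption: built-in chains are declared too, as iptables-save writes them.
check_rules() {
    awk '
    /^\*/ { split("", declared); split("", closed); next }  # new table: reset state
    /^:/  { declared[substr($1, 2)] = 1; next }             # chain declaration
    $1 == "-A" {
        chain = $2
        if (!(chain in declared))
            printf "line %d: chain %s is not declared in this table\n", NR, chain
        else if (chain in closed)
            printf "line %d: never reached, line %d already ends chain %s\n", NR, closed[chain], chain
        # Catch-all rule: "-j TARGET" directly after the chain name, no match options
        if ($3 == "-j" && $4 ~ /^(ACCEPT|DROP|REJECT)$/ && !(chain in closed))
            closed[chain] = NR
    }' "$1"
}

# Constructed sample: the listing from the question plus both attempted rules.
write_sample() {
    cat > "$1" <<'EOF'
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 3000 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3000 -j ACCEPT
COMMIT
EOF
}

tmp=$(mktemp) && write_sample "$tmp" && check_rules "$tmp"; rm -f "$tmp"
```

A file where the port 3000 rule sits above the `-A INPUT -j REJECT` line and only declared chains are used produces no output.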
Licensed under: CC-BY-SA with attribution