Created
September 22, 2017 10:26
-
-
Save lazyjerry/5e18b7cbb891e8ab8b694574ee8b3bb0 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
停用防火牆 | |
# systemctl mask firewalld | |
# systemctl stop firewalld | |
安裝 | |
# yum install iptables-services | |
啟動及設定開機執行 iptables | |
# systemctl enable iptables | |
# systemctl start iptables | |
操作執行 | |
# nano /etc/sysconfig/iptables | |
或是使用指令 | |
# iptables -A INPUT -p tcp --dport 80 -j ACCEPT | |
CentOS 防火牆打開22,25,80,22,1433,3306端口操作 | |
(FTP): | |
# iptables -I INPUT -p tcp --dport 21 -j ACCEPT | |
(SSH): | |
# iptables -I INPUT -p tcp --dport 22 -j ACCEPT | |
(SMTP) | |
# iptables -I INPUT -p tcp --dport 25 -j ACCEPT | |
(HTTP) | |
# iptables -I INPUT -p tcp --dport 80 -j ACCEPT | |
(MSSQL) | |
# iptables -I INPUT -p tcp --dport 1433 -j ACCEPT | |
(MYSQL) | |
# iptables -I INPUT -p tcp --dport 3306 -j ACCEPT | |
指定ip | |
# iptables -I INPUT -p tcp -s IP --dport 21 -j ACCEPT | |
(添加在倒数第二行之前,不然等於沒添加) | |
四.然後存檔: | |
# /etc/rc.d/init.d/iptables save | |
五.查看有打開的PORT: | |
# /etc/init.d/iptables status | |
# netstat -tnlp | |
# netstat -tlp | |
六.重啟防火牆 | |
# /etc/init.d/iptables restart | |
七.會寫入到這邊 若要關PORT到這邊# | |
# /etc/sysconfig/iptables | |
永久關閉 (沒事別用) | |
# chkconfig –level 35 iptables off |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment