@lazyjerry
Created September 22, 2017 10:26
Disable the firewall (firewalld)
# systemctl mask firewalld
# systemctl stop firewalld
Install
# yum install iptables-services
Start iptables and enable it at boot
# systemctl enable iptables
# systemctl start iptables
Usage
# nano /etc/sysconfig/iptables
Or use a command
# iptables -A INPUT -p tcp --dport 80 -j ACCEPT
Opening ports 22, 25, 80, 22, 1433, 3306 in the CentOS firewall
(FTP):
# iptables -I INPUT -p tcp --dport 21 -j ACCEPT
(SSH):
# iptables -I INPUT -p tcp --dport 22 -j ACCEPT
(SMTP)
# iptables -I INPUT -p tcp --dport 25 -j ACCEPT
(HTTP)
# iptables -I INPUT -p tcp --dport 80 -j ACCEPT
(MSSQL)
# iptables -I INPUT -p tcp --dport 1433 -j ACCEPT
(MYSQL)
# iptables -I INPUT -p tcp --dport 3306 -j ACCEPT
Restrict to a specific source IP
# iptables -I INPUT -p tcp -s IP --dport 21 -j ACCEPT
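(Add the rule before the second-to-last line of the file; otherwise it is as if it had not been added, because in the default file a rule placed after the closing REJECT rule is never reached.)
4. Then save:
# service iptables save
5. Check which ports are open:
# iptables -L -n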
# netstat -tnlp
# netstat -tlp
6. Restart the firewall
# service iptables restart
7. The rules are written to this file; to close a port, edit it here:
# /etc/sysconfig/iptables
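The placement note above, as an added example that is not part of the original gist: `add_port_rule` inserts an ACCEPT line ahead of the catch-all REJECT in an iptables-save style file, and `shadowed_rules` lists INPUT ACCEPT rules that sit after it and so never match. The sample ruleset, the function names and the source address 203.0.113.10 are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in the layout of a default /etc/sysconfig/iptables.
sample_rules() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# add_port_rule PORT [SOURCE]: filter stdin -> stdout, inserting an ACCEPT
# rule before the first catch-all INPUT rule of the filter table (or before
# that table's COMMIT when it has no catch-all).
add_port_rule() {
    awk -v port="$1" -v src="${2:-}" '
        BEGIN { rule = "-A INPUT" (src != "" ? " -s " src : "")
                rule = rule " -p tcp -m tcp --dport " port " -j ACCEPT" }
        /^\*/ { table = $0 }
        table == "*filter" && !done &&
            (/^-A INPUT -j (REJECT|DROP)/ || /^COMMIT/) { print rule; done = 1 }
        { print }
    '
}

# shadowed_rules: print filter-table INPUT ACCEPT rules that follow a
# catch-all REJECT/DROP; packets never reach them.
shadowed_rules() {
    awk '
        /^\*/ { table = $0; seen = 0 }
        table == "*filter" && /^-A INPUT -j (REJECT|DROP)/ { seen = 1; next }
        table == "*filter" && seen && /^-A INPUT / && / -j ACCEPT/ { print }
    '
}

# Demo: allow MySQL only from one (constructed) address, placed correctly.
sample_rules | add_port_rule 3306 203.0.113.10
```

Before restarting the service, the edited file can be parsed without being applied using `iptables-restore --test < /etc/sysconfig/iptables`.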
Disable permanently (do not use this unless you have to)
# chkconfig --level 35 iptables off