centos 7 防火墙和端口配置

Posted xiluhua

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了centos 7 防火墙和端口配置相关的知识,希望对你有一定的参考价值。

centos 7 防火墙和端口配置
--解决 RHEL 7/ CentOS 7/Fedora 出现Unit iptables.service failed to load

# 第一步,关闭firewall:
CentOS 7.0默认使用的是firewall作为防火墙,这里改为iptables防火墙。
systemctl stop firewalld.service     #停止firewall
systemctl disable firewalld.service   #禁止firewall开机启动

# 第二步,安装iptables-services:
yum install iptables-services

 

# 第三步,启用iptables-services:
[email protected] ~# systemctl enable iptables   #启用
Created symlink from /etc/systemd/system/basic.target.wants/iptables.service to /usr/lib/systemd/system/iptables.service.
[email protected]-xiluhua ~# service iptables save    
iptables: Saving firewall rules to /etc/sysconfig/iptables:[  确定  ]
[email protected]-xiluhua ~# service iptables status    #查看状态
Redirecting to /bin/systemctl status  iptables.service
● iptables.service - IPv4 firewall with iptables
   Loaded: loaded (/usr/lib/systemd/system/iptables.service; enabled; vendor preset: disabled)
   Active: inactive (dead)
[email protected]-xiluhua ~# service iptables start     #启动
Redirecting to /bin/systemctl start  iptables.service
[email protected]-xiluhua ~# service iptables status
Redirecting to /bin/systemctl status  iptables.service
● iptables.service - IPv4 firewall with iptables
   Loaded: loaded (/usr/lib/systemd/system/iptables.service; enabled; vendor preset: disabled)
   Active: active (exited) since 一 2016-10-03 15:41:24 CST; 8s ago
  Process: 9913 ExecStart=/usr/libexec/iptables/iptables.init start (code=exited, status=0/SUCCESS)
 Main PID: 9913 (code=exited, status=0/SUCCESS)
 
10月 03 15:41:24 vm-xiluhua systemd[1]: Starting IPv4 firewall with iptables...
10月 03 15:41:24 vm-xiluhua iptables.init[9913]: iptables: Applying firewall rules: [  确定  ]
10月 03 15:41:24 vm-xiluhua systemd[1]: Started IPv4 firewall with iptables.

 

# 第4步,编辑iptables-services,加入端口配置(开启端口)
[email protected] ~# vi /etc/sysconfig/iptables

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 6379 -j ACCEPT #redis
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT #ftp
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT #ssh
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 11211 -j ACCEPT #memcached
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT #mysql

[email protected]-xiluhua ~# service iptables save     #保存规则到iptables
iptables: Saving firewall rules to /etc/sysconfig/iptables:[  确定  ]
[email protected]-xiluhua ~# service iptables restart   #重新启动
Redirecting to /bin/systemctl restart  iptables.service

 

以上是关于centos 7 防火墙和端口配置的主要内容,如果未能解决你的问题,请参考以下文章

centos 7之firewalld防火墙配置IP伪装和端口转发案例详解

CentOS 7防火墙快速开放端口配置方法

Centos 7的firewalld防火墙地址伪装和端口转发原理

centos 7的firewalld防火墙配置IP伪装和端口转发(内附配置案例)

centos 7配置firewall防火墙的地址伪装和端口转发实例

centos 7的防火墙怎么开放端口