centos7 防火墙一些相关设置 开机添加静态路由 特殊的方法
Posted 东大网管
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了centos7 防火墙一些相关设置 开机添加静态路由 特殊的方法相关的知识,希望对你有一定的参考价值。
参考文献:
https://access.redhat.com/documentation/zh-cn/red_hat_enterprise_linux/7/html/security_guide/sec-using_firewalls
firewall-cmd --state
firewall-cmd --get-active-zones
firewall-cmd --zone=public --list-all
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --zone=public --remove-service=dhcpv6-client --permanent
firewall-cmd --reload
firewall-cmd --add-rich-rule="rule family=‘ipv4‘ source address=‘7.2.1.3‘ port port=‘22‘ protocol=‘tcp‘ drop" --permanent
firewall-cmd --remove-rich-rule=‘rule family=‘ipv4‘ source address=‘7.2.1.3‘ port port=‘22‘ protocol=‘tcp‘ drop‘ --permanent
firewall-cmd --add-rich-rule="rule family=‘ipv4‘ source address=‘192.168.1.1‘ port port=‘22‘ protocol=‘tcp‘ accept" --permanent
firewall-cmd --remove-rich-rule=‘rule family=‘ipv4‘ source address=‘192.168.1.1‘ port port=‘22‘ protocol=‘tcp‘ accept‘ --permanent
firewall-cmd --zone=public --remove-service=dhcpv6-client --permanent
firewall-cmd --zone=public --remove-service=ssh --permanent
firewall-cmd --add-rich-rule="rule family=‘ipv4‘ source address=‘192.168.0.0/16‘ port port=‘22‘ protocol=‘tcp‘ accept" --permanent
firewall-cmd --add-rich-rule="rule family=‘ipv4‘ source address=‘2.9.58.24/29‘ port port=‘22‘ protocol=‘tcp‘ accept" --permanent
firewall-cmd --add-rich-rule="rule family=‘ipv4‘ port port=‘80‘ protocol=‘tcp‘ accept" --permanent
firewall-cmd --add-rich-rule="rule family=‘ipv4‘ port port=‘443‘ protocol=‘tcp‘ accept" --permanent
firewall-cmd --add-rich-rule=‘rule protocol value=icmp drop‘ --permanent
vi /etc/ssh/sshd_config
ListenAddress X.X.X.X
关闭sel
sed -i s#SELINUX=enforcing#SELINUX=disable#g /etc/selinux/config
centos7开机添加静态路由的唯一方法!
vi /etc/sysconfig/network-scripts/route-eth0
192.168.0.0/16 via 172.16.16.200
10.0.0.0/8 via 172.16.16.200
以上是关于centos7 防火墙一些相关设置 开机添加静态路由 特殊的方法的主要内容,如果未能解决你的问题,请参考以下文章
CentOS7防火墙firewalld 和 CentOS6防火墙iptables的一些配置命令