Common Linux commands -- firewall

CentOS 7

  iptables : 

      If you want to use static iptables rules, disable firewalld (the CentOS 7 default), install iptables-services, and enable iptables and ip6tables:

yum install iptables-services
systemctl mask firewalld.service
systemctl enable iptables.service  # start at boot
systemctl enable ip6tables.service

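      The static firewall rules are stored in /etc/sysconfig/iptables and /etc/sysconfig/ip6tables; you can edit the rules in those files yourself.

      After the rules are configured, stop firewalld first, then start the iptables and ip6tables services: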

systemctl stop firewalld.service
systemctl start iptables.service
systemctl start ip6tables.service

   firewalld :

     * Check firewalld status =>  firewall-cmd --state

[root@iZ28uvczcf6Z ~]# firewall-cmd --state
running

     * Open port 80 =>  firewall-cmd --zone=public --add-port=80/tcp --permanent

[root@iZ28uvczcf6Z ~]# firewall-cmd --zone=public --add-port=8888/tcp --permanent
success
[root@iZ28uvczcf6Z ~]# 

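        "success" in the output means the command worked.

        What the options mean: --zone  # the zone the rule applies to

             --add-port=80/tcp  # add a port, in the form port/protocol

             --permanent  # saved permanently; without this option the change is lost on restart (a --permanent change reaches the running firewall only after a reload or restart)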

      * Restart the firewall =>  systemctl restart firewalld.service

      * Start =>  systemctl start firewalld

       Disable =>  systemctl disable firewalld

       Stop =>  systemctl stop firewalld

      * List everything added or enabled in all zones =>  firewall-cmd --list-all-zones

[root@iZ28uvczcf6Z ~]# firewall-cmd --list-all-zones
work
  target: default
  icmp-block-inversion: no
  interfaces: 
  sources: 
  services: dhcpv6-client ssh
  ports: 
  protocols: 
  masquerade: no
  forward-ports: 
  sourceports: 
  icmp-blocks: 
  rich rules: 
    

drop
  target: DROP
  icmp-block-inversion: no
  interfaces: 
  sources: 
  services: 
  ports: 
  protocols: 
  masquerade: no
  forward-ports: 
  sourceports: 
  icmp-blocks: 
  rich rules: 
    

internal
  target: default
  icmp-block-inversion: no
  interfaces: 
  sources: 
  services: dhcpv6-client mdns samba-client ssh
  ports: 
  protocols: 
  masquerade: no
  forward-ports: 
  sourceports: 
  icmp-blocks: 
  rich rules: 
    

external
  target: default
  icmp-block-inversion: no
  interfaces: 
  sources: 
  services: ssh
  ports: 
  protocols: 
  masquerade: yes
  forward-ports: 
  sourceports: 
  icmp-blocks: 
  rich rules: 
    

trusted
  target: ACCEPT
  icmp-block-inversion: no
  interfaces: 
  sources: 
  services: 
  ports: 
  protocols: 
  masquerade: no
  forward-ports: 
  sourceports: 
  icmp-blocks: 
  rich rules: 
    

home
  target: default
  icmp-block-inversion: no
  interfaces: 
  sources: 
  services: dhcpv6-client mdns samba-client ssh
  ports: 
  protocols: 
  masquerade: no
  forward-ports: 
  sourceports: 
  icmp-blocks: 
  rich rules: 
    

dmz
  target: default
  icmp-block-inversion: no
  interfaces: 
  sources: 
  services: ssh
  ports: 
  protocols: 
  masquerade: no
  forward-ports: 
  sourceports: 
  icmp-blocks: 
  rich rules: 
    

public
  target: default
  icmp-block-inversion: no
  interfaces: 
  sources: 
  services: dhcpv6-client postgresql ssh
  ports: 3333/tcp 80/tcp 6379/tcp
  protocols: 
  masquerade: no
  forward-ports: 
  sourceports: 
  icmp-blocks: 
  rich rules: 
    

block
  target: %%REJECT%%
  icmp-block-inversion: no
  interfaces: 
  sources: 
  services: 
  ports: 
  protocols: 
  masquerade: no
  forward-ports: 
  sourceports: 
  icmp-blocks: 
  rich rules: 
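
Added example, not part of the original post: right after `--add-port=... --permanent` and before the restart, the port is saved but not yet active. The script below compares the runtime and permanent `--list-all-zones` listings and reports ports present in only one of them; the function names and the sample listings are constructed for illustration.

```shell
#!/bin/sh
# zone_ports: read `firewall-cmd --list-all-zones` text on stdin and print
# one "zone port" line for every entry on each zone's "ports:" line.
zone_ports() {
    awk '
        /^[A-Za-z0-9_]/ { zone = $1; next }   # zone header starts in column 1
        $1 == "ports:"  { for (i = 2; i <= NF; i++) print zone, $i }
    '
}

# port_drift RUNTIME_TEXT PERMANENT_TEXT
#   "runtime-only zone port"   -> active now, lost on reload or restart
#   "permanent-only zone port" -> saved, not active until reload or restart
port_drift() {
    rt=$(printf '%s\n' "$1" | zone_ports)
    pm=$(printf '%s\n' "$2" | zone_ports)
    printf '%s\n' "$rt" | while read -r z p; do
        [ -n "$z" ] || continue
        printf '%s\n' "$pm" | grep -qxF -e "$z $p" || echo "runtime-only $z $p"
    done
    printf '%s\n' "$pm" | while read -r z p; do
        [ -n "$z" ] || continue
        printf '%s\n' "$rt" | grep -qxF -e "$z $p" || echo "permanent-only $z $p"
    done
}

# Constructed sample listings (not real output): the state after
#   firewall-cmd --zone=public --add-port=8888/tcp --permanent
# and before firewalld has been restarted.
SAMPLE_RUNTIME='public
  target: default
  services: dhcpv6-client ssh
  ports: 3333/tcp 80/tcp
  forward-ports:
'
SAMPLE_PERMANENT='public
  target: default
  services: dhcpv6-client ssh
  ports: 3333/tcp 80/tcp 8888/tcp
  forward-ports:
'

# On a live host the two arguments would be "$(firewall-cmd --list-all-zones)"
# and "$(firewall-cmd --permanent --list-all-zones)".
port_drift "$SAMPLE_RUNTIME" "$SAMPLE_PERMANENT"
```

An empty result means the running firewall and the saved configuration agree on open ports.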

 

 

 

Postscript

  These are just notes for my own reference... to be continued...

 

 

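Copyright of this article is shared by the author and 博客園 (cnblogs). Reposting is welcome, but unless the author agrees otherwise this notice must be kept and a link to the original must be given in a prominent place on the page; otherwise the right to pursue legal liability is reserved.

Source: 博客園 (cnblogs) -- 別問是誰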
