[Repost] CentOS 6 and CentOS 7 Firewall Shutdown

 

 

Check the firewall status on CentOS 6.5:

[linuxidc@localhost ~]$service iptables status

  Show results:

[linuxidc@localhost ~]$service iptable status
Redirecting  to  /bin/systemctl status  iptable.service
● iptable.service
    Loaded:  not -found (Reason:  No  such file  or  directory)
    Active: inactive (dead)   --indicates that the firewall is turned off

Turn off the firewall on CentOS 6.5:

[root@localhost ~]#service iptables stop                     --temporarily turn off the firewall
[root@localhost ~]#chkconfig iptables  off                     --permanently turn off the firewall

Turn off the firewall on CentOS 7.2:

CentOS 7.0 uses firewalld as its default firewall; the steps for switching to the iptables service come later on this page.


firewall-cmd --state #View the default firewall status ("not running" is displayed when it is stopped, and "running" when it is started)

[root@localhost ~]#firewall-cmd  --state
not  running

Check the status of the firewall:

Starting with CentOS 7, systemctl is used to manage services and programs; it takes over the functions of both service and chkconfig.

[root@localhost ~]#systemctl list-unit-files|grep firewalld.service             --the firewall is turned off
firewalld.service                          disabled

  or

[root@localhost ~]#systemctl status firewalld.service
● firewalld.service - firewalld -  dynamic  firewall daemon
    Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
    Active: inactive (dead)

   Turn off the firewall:

systemctl stop firewalld.service #stop firewall
systemctl disable firewalld.service #prohibit firewall from starting

[root@localhost ~]#systemctl stop firewalld.service
[root@localhost ~]#systemctl disable firewalld.service

Start a service: systemctl start firewalld.service
Stop a service: systemctl stop firewalld.service
Restart a service: systemctl restart firewalld.service
Show the status of a service: systemctl status firewalld.service
Enable a service at boot: systemctl enable firewalld.service
Disable a service at boot: systemctl disable firewalld.service
Check whether a service starts at boot: systemctl is-enabled firewalld.service;echo $?
View the list of enabled services: systemctl list-unit-files|grep enabled

CentOS 7 firewall commands:

List the open ports:

firewall-cmd --list-ports

Open a port:

firewall-cmd --zone=public --add-port=80/tcp --permanent

Meaning of the options:

--zone #scope (the zone the rule applies to)

--add-port=80/tcp #Add a port, in the format port/protocol

--permanent #Makes the rule permanent; without this parameter the rule is lost after a restart

Restart the firewall:

firewall-cmd --reload #restart firewall
systemctl stop firewalld.service #stop firewall
systemctl disable firewalld.service #prohibit firewall from starting at boot
firewall-cmd --state #View the default firewall status ("not running" is displayed when it is stopped, and "running" when it is started)

iptables commands for CentOS 7 and below

To open ports 80, 22 and 8080, enter the following commands:

/sbin/iptables -I INPUT -p tcp --dport 80 -j ACCEPT
/sbin/iptables -I INPUT -p tcp --dport 22 -j ACCEPT
/sbin/iptables -I INPUT -p tcp --dport 8080 -j ACCEPT

Then save:

/etc/rc.d/init.d/iptables save

View open ports:

/etc/init.d/iptables status

Turn off the firewall 
1) It will take effect permanently and will not be restored after restarting

On: chkconfig iptables on

Off: chkconfig iptables off

2) It takes effect immediately, and it will be restored after restarting

Start: service iptables start

Shutdown: service iptables stop

Check firewall status: service iptables status

The difference between the default firewalls of CentOS 7 and CentOS 6

CentOS 7 uses firewalld as its default firewall, so iptables has to be set up again.

1. Turn off the firewall directly

systemctl stop firewalld.service #stop firewall

systemctl disable firewalld.service #Prohibit firewall from starting at boot

2. Set up the iptables service

yum -y install iptables-services

To modify the firewall configuration, for example to open port 3306, edit the rules file:

vi /etc/sysconfig/iptables 

Add the rule:

-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT

After saving and exiting:

systemctl restart iptables.service #Restart the firewall to make the configuration take effect

systemctl enable iptables.service #Set the firewall to start at boot

Finally, restart the system for the settings to take effect.

systemctl start iptables.service #Open the firewall

systemctl stop iptables.service #Close the firewall
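
Where the rule from the step above lands in /etc/sysconfig/iptables matters: the stock CentOS file ends its INPUT rules with a catch-all REJECT, and an ACCEPT rule placed after it never matches. The following is an added example, not part of the original post; the function names and the sample rules are constructed, and it lists each port-opening rule with its source restriction and whether it sits before or after that catch-all.

```shell
#!/bin/sh
# Audit INPUT rules in iptables-save format (the format of /etc/sysconfig/iptables).
# For every ACCEPT rule with a --dport, print: PORT/PROTO src=SOURCE reachable|shadowed
# "shadowed" means an unconditional REJECT/DROP appears earlier in the chain.
audit_input_rules() {
  awk '
    $1 == "-A" && $2 == "INPUT" {
      port = proto = target = ""; src = "any"
      for (i = 3; i <= NF; i++) {
        if ($i == "--dport") port = $(i + 1)
        else if ($i == "-p") proto = $(i + 1)
        else if ($i == "-s" || $i == "--source") src = $(i + 1)
        else if ($i == "-j") target = $(i + 1)
      }
      # A rule whose first option is -j has no match conditions: it hits every packet.
      if ($3 == "-j" && (target == "REJECT" || target == "DROP")) { blocked = 1; next }
      if (target == "ACCEPT" && port != "")
        printf "%s/%s src=%s %s\n", port, proto, src, (blocked ? "shadowed" : "reachable")
    }'
}

# Constructed sample: the 3306 rule from the text appended after the catch-all
# REJECT, plus a source-restricted variant placed before it.
sample_rules() {
  cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -s 192.0.2.10 -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
COMMIT
EOF
}

# Audit the sample; on a real host run: audit_input_rules < /etc/sysconfig/iptables
sample_rules | audit_input_rules
```

A line reported as src=any is reachable from every address, which for a database port such as 3306 is usually wider than intended; a shadowed line has no effect until it is moved above the REJECT.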

Fixing the problem where the host cannot access a website running in a CentOS virtual machine

A while ago, CentOS6.2 was installed on the virtual machine, and apache+php+mysql was configured, but the machine could not be accessed. Haven't been tossing around. 
 
Details are as follows 
1. The local machine can ping the virtual machine 
2. The virtual machine can also ping the local machine 
3. The virtual machine can access its own web site 
4. The local machine cannot access the web site on the virtual machine 
 
It was later found that the firewall blocked port 80. 
 
To check whether port 80 on the server is blocked by the firewall, test it with the command: telnet server_ip 80 
 
The workaround is as follows: 
/sbin/iptables -I INPUT -p tcp --dport 80 -j ACCEPT 
Then save: 
/etc/rc.d/init.d/iptables save 
Restart the firewall: 
/etc/init.d/iptables restart 
 
To turn off the CentOS firewall, stop its service: 
View CentOS firewall information: /etc/init.d/iptables status 
Close the CentOS firewall service: /etc/init.d/iptables stop 

 

 

 

Reposted from https://www.linuxidc.com/Linux/2016-12/138979.htm