Firewall Basic Differences in CentOS
The name of the CentOS7 firewall is: Firewalld (the system used below is: CentOS7)
7 and below the version name is: Netfilter
Remember: Iptables is just a tool for operating a firewall!
In the test environment, please turn off SELinux and Firewalld, and Windows can access Vsftpd
Legend has it that some great gods added the service port of Vsftpd to the firewall through Firewalld, which means that the firewall is open and Windows can also access it directly. The following is an ominous understanding of firewalls, please refer to books or videos to understand!
Hard knowledge points for newbies: After installing Vsftpd in Linux, you can leave the configuration file of Vsftpd untouched. By default, you can log in as an anonymous user.
(Prerequisite: SELinux, Firewalld needs to be turned off),
Crime scene:
[root@localhost ~]# systemctl status vsftpd
â vsftpd.service - Vsftpd ftp daemon
Loaded: loaded (/usr/lib/systemd/system/vsftpd.service; enabled; vendor prese t: disabled)
Active: active (running) since å -----> Vsftpd running
2018-04-28 23:07:05 CST; 3 days ago
Process: 1006 ExecStart=/usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf (code=exited, status=0/SUCCESS)
Main PID: 1025 (vsftpd)
CGroup: /system.slice/vsftpd.service
ââ1025 /usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf
4æ 28 23:07:04 localhost.localdomain systemd[1]: Starting Vsftpd ftp daemon...
4æ 28 23:07:05 localhost.localdomain systemd[1]: Started Vsftpd ftp daemon.
Hint: Some lines were ellipsized, use -l to show in full.
[root@localhost ~]# LANG=C
[root@localhost ~]# systemctl status firewalld
* firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2018-04-28 23:07:01 CST; 3 days ago ------>Firewalld running
Docs: man:firewalld(1)
Main PID: 697 (firewalld)
CGroup: /system.slice/firewalld.service
`-697 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid
Apr 28 23:07:00 localhost.localdomain systemd[1]: Starting firewalld - dynamic firewall daemon...
Apr 28 23:07:01 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon.
Apr 28 23:07:01 localhost.localdomain firewalld[697]: WARNING: ICMP type 'beyond-scope' is not supported by the kernel for ipv6.
Apr 28 23:07:01 localhost.localdomain firewalld[697]: WARNING: beyond-scope: INVALID_ICMPTYPE: No supported ICMP type., ign...time.
Apr 28 23:07:01 localhost.localdomain firewalld[697]: WARNING: ICMP type 'failed-policy' is not supported by the kernel for ipv6.
Apr 28 23:07:01 localhost.localdomain firewalld[697]: WARNING: failed-policy: INVALID_ICMPTYPE: No supported ICMP type., ig...time.
Apr 28 23:07:01 localhost.localdomain firewalld[697]: WARNING: ICMP type 'reject-route' is not supported by the kernel for ipv6.
Apr 28 23:07:01 localhost.localdomain firewalld[697]: WARNING: reject-route: INVALID_ICMPTYPE: No supported ICMP type., ign...time.
Hint: Some lines were ellipsized, use -l to show in full.
[root@localhost ~]# systemctl stop firewalld ---->stop firewalld
[root@localhost ~]#
The above is the record when I was learning Linux. If there is anything wrong, please contact me!
Baidu search: http://www.cnblogs.com/DaniuUnixChina/
E_Mail:[email protected]
QQ:1958344794