Blocking and opening ports with iptables on Linux

If any of the commands below fails with a permission error, run it with root privileges by prefixing it with sudo.

 

One. Opening a port.

     iptables -A INPUT -p tcp --dport 80 -j ACCEPT

     iptables -A OUTPUT -p tcp --sport 80 -j ACCEPT

     -A: append a rule to the named chain (INPUT for traffic arriving at the host, OUTPUT for traffic leaving it);
     -p: the protocol, normally tcp or udp. Match the protocol the service really uses: DNS on port 53, for example, is mostly UDP (with TCP for large responses and zone transfers), so a tcp-only rule would not cover it;

    --dport: the destination port, i.e. the port a packet is addressed to when it enters the server from outside;
    --sport: the source port, i.e. the port a packet is sent from when it leaves the server;

   -j: the target, ACCEPT to let the packet through or DROP to discard it silently.

 The above two lines open port 80. Two things to keep in mind: -A appends to the end of the chain, and iptables stops at the first rule that matches, so if an earlier rule or a trailing catch-all DROP already covers this traffic the appended ACCEPT is never reached (insert at the top with -I INPUT ... instead, or check the order with the listing command in section Three). The OUTPUT rule only matters when the OUTPUT chain's default policy is DROP; with the usual policy of ACCEPT the replies leave anyway.

 

Two. Closing a port.

     iptables -A INPUT -p tcp --dport 80 -j DROP

     iptables -A OUTPUT -p tcp --sport 80 -j DROP

This closes port 80. The same ordering rule applies: the DROP must sit before any ACCEPT for the same port, so either delete the earlier ACCEPT rules first (section Four) or insert the DROP at the top with -I. DROP discards the packet without any reply, so a client hangs until it times out; -j REJECT answers with an ICMP error (or, with --reject-with tcp-reset, a TCP reset) so the client fails immediately, which is friendlier for your own clients but tells a scanner that a firewall is there.

 

Three. Viewing the rules.

    iptables -L -n lists the current rules, i.e. which ports are open or blocked (-n skips reverse DNS lookups, which otherwise make the listing slow). Add -v to see per-rule packet and byte counters, the quickest way to tell whether a rule is actually matching anything.

 

Four. Removing iptables rules.

   iptables -L -n --line-numbers lists the rules with a number in front of each one. Numbers are per chain, counted from the top.

   iptables -D INPUT [number] deletes the rule with that number from the INPUT chain. Deleting a rule renumbers the ones below it, so list again before deleting another, or delete from the highest number down. A rule can also be deleted by repeating its exact specification, e.g. iptables -D INPUT -p tcp --dport 80 -j DROP.

 

Five. Saving the rules.

     Rules added with iptables live only in the kernel's memory and are gone after a reboot, so once the configuration is complete it has to be saved. Note that sudo iptables-save > /etc/iptables-rules fails with "Permission denied": the shell opens the output file as the unprivileged user before sudo even runs, so the redirection itself has to happen as root. Either open a root shell (sudo -i) and run the two commands below there, or wrap each one in sudo sh -c '...':

     iptables-save > /etc/iptables-rules

     ip6tables-save > /etc/ip6tables-rules

 

    To reload them at boot on a Debian/Ubuntu system whose interfaces are configured through /etc/network/interfaces (ifupdown), edit that file and add the following two lines at the end, indented under the last iface stanza (pre-up is an option of an iface entry and runs before that interface comes up, so the rules are in place before the interface can receive any traffic):

    pre-up iptables-restore < /etc/iptables-rules

    pre-up ip6tables-restore < /etc/ip6tables-rules

    Systems managed by netplan, NetworkManager or systemd-networkd do not read this file; install the iptables-persistent package there instead, which restores /etc/iptables/rules.v4 and rules.v6 through the netfilter-persistent service.

 

After rebooting, run sudo iptables -L -n to check that the rules were restored.
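The procedure in sections One to Five, collected into one script as an added example (this is not code from the original post). It assumes iptables and sudo are available; the DRY_RUN variable, the helper function names and the sample rule listing are my own additions. With DRY_RUN=1 (the default) it only prints the iptables commands it would run, so it can be read and tried without root; the comments spell out the ordering, renumbering and redirection pitfalls from the sections above.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes iptables is installed and
# the caller may use sudo. DRY_RUN=1 (default) prints commands instead of
# executing them so the script can be read and tested without root.

: "${DRY_RUN:=1}"

# Run an iptables command, or in dry-run mode just print it.
run() {
    if [ "$DRY_RUN" = 1 ]; then
        printf 'iptables %s\n' "$*"
    else
        sudo iptables "$@"
    fi
}

# Open a TCP port. -I (insert at the top) is used instead of -A (append):
# iptables stops at the first matching rule, so an ACCEPT appended after an
# earlier DROP for the same traffic would never be reached. -C first checks
# whether the rule already exists so repeated runs do not duplicate it.
open_tcp_port() {
    port=$1
    if [ "$DRY_RUN" != 1 ] && sudo iptables -C INPUT -p tcp --dport "$port" -j ACCEPT 2>/dev/null; then
        return 0
    fi
    run -I INPUT -p tcp --dport "$port" -j ACCEPT
    run -I OUTPUT -p tcp --sport "$port" -j ACCEPT
}

# Close a TCP port: remove the ACCEPT rules (ignoring "rule not found"), then
# put a DROP at the top of INPUT so it wins over anything appended later.
close_tcp_port() {
    port=$1
    run -D INPUT -p tcp --dport "$port" -j ACCEPT 2>/dev/null || true
    run -D OUTPUT -p tcp --sport "$port" -j ACCEPT 2>/dev/null || true
    run -I INPUT -p tcp --dport "$port" -j DROP
}

# Given "iptables -L CHAIN -n --line-numbers" output on stdin, print the rule
# numbers whose match is exactly dpt:<port> (so 80 does not match dpt:8080).
rule_numbers_for_dport() {
    awk -v want="dpt:$1" '{ for (i = 1; i <= NF; i++) if ($i == want) { print $1; break } }'
}

# Delete rules by number, highest first: deleting a rule renumbers the ones
# below it, so deleting in ascending order would remove the wrong rules.
delete_rules_by_number() {
    chain=$1
    shift
    for n in $(printf '%s\n' "$@" | sort -rn); do
        run -D "$chain" "$n"
    done
}

# Persist the IPv4 rules (repeat with ip6tables-save for IPv6).
# "sudo iptables-save > /etc/iptables-rules" fails because the redirection is
# opened by the unprivileged shell before sudo runs; run the whole command
# under sudo instead.
save_rules() {
    if [ "$DRY_RUN" = 1 ]; then
        printf '%s\n' "sudo sh -c 'iptables-save > /etc/iptables-rules'"
    else
        sudo sh -c 'iptables-save > /etc/iptables-rules'
    fi
}

# Constructed sample of "iptables -L INPUT -n --line-numbers" output, used to
# exercise rule_numbers_for_dport without touching the live firewall.
SAMPLE_LISTING='Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:80
2    DROP       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:8080
3    ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:53'

# Demo (dry run): open 80, close it again, find and delete by number, save.
open_tcp_port 80
close_tcp_port 80
nums=$(printf '%s\n' "$SAMPLE_LISTING" | rule_numbers_for_dport 80)
delete_rules_by_number INPUT $nums
save_rules
```

To apply the rules for real, run it as DRY_RUN=0 sh script.sh; the -C check then keeps the script idempotent, and rule_numbers_for_dport can be fed the live listing with sudo iptables -L INPUT -n --line-numbers | rule_numbers_for_dport 80.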

 

Six. Note: most Linux distributions ship iptables (or nftables with an iptables-compatible front end), so the above is the general way to open a port. If no firewall rules are loaded at all, i.e. the chains are empty and their default policy is ACCEPT, there is nothing to open: every port a service listens on is already reachable, and the only protection is whatever is listening there. Distributions that come with a firewall front end such as ufw (Ubuntu) or firewalld (RHEL, Fedora) manage the iptables/nftables rules themselves, and rules added by hand can be overwritten or shadowed by theirs, so prefer the front end's own commands on those systems.
