# -------------- View server port status --------------
[root@zjxl-2 etc]# /etc/init.d/iptables status
Table: filter
Chain INPUT (policy DROP)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
2    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0
3    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:22
4    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           multiport dports 20:30,80,110,443,3300:3500,5700:6100,7001,8000:13000
5    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination

# -------------- Found that ports 6379 and 6380 are not opened --------------
# -------------- Open port 6379 --------------
[root@zjxl-2 etc]# /sbin/iptables -I INPUT -p tcp --dport 6379 -j ACCEPT
[root@zjxl-2 etc]# /etc/init.d/iptables status
Table: filter
Chain INPUT (policy DROP)
num  target     prot opt source               destination
1    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:6379
2    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
3    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0
4    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:22
5    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           multiport dports 20:30,80,110,443,3300:3500,5700:6100,7001,8000:13000
6    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination

# -------------- Open port 6380 --------------
[root@zjxl-2 etc]# /sbin/iptables -I INPUT -p tcp --dport 6380 -j ACCEPT

# -------------- View server port status --------------
[root@zjxl-2 etc]# /etc/init.d/iptables status
Table: filter
Chain INPUT (policy DROP)
num  target     prot opt source               destination
1    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:6380
2    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:6379
3    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
4    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0
5    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:22
6    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           multiport dports 20:30,80,110,443,3300:3500,5700:6100,7001,8000:13000
7    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination

# -------------- Save modified configuration --------------
[root@zjxl-2 etc]# /etc/rc.d/init.d/iptables save
Saving firewall rules to /etc/sysconfig/iptables: [ OK ]
[root@zjxl-2 etc]#

Problem Description:
After installing the Redis cache service on a CentOS server, other machines could not access it and reported a connection timeout. Frustrated, I found a solution on the Internet:
/sbin/iptables -I INPUT -p tcp --dport 6379 -j ACCEPT
/sbin/iptables -I INPUT -p tcp --dport 6380 -j ACCEPT
Then save:
/etc/rc.d/init.d/iptables save
Saved this way, the CentOS firewall has ports 6379 and 6380 open by default after the computer restarts.
It should also be possible to apply this without restarting the computer, by restarting only the firewall service:
/etc/init.d/iptables restart
View CentOS firewall information:
/etc/init.d/iptables status
Turn off the CentOS firewall service:
/etc/init.d/iptables stop
Disable it permanently:
chkconfig --level 35 iptables off
Solution source: http://hi.baidu.com/xiyi2008/item/345215b90948c4d085dd7978