iptables firewall settings view open port number whitelist

Enterprise 2023-06-05 06:19:22 views: null

iptables is a powerful tool for network traffic management in Linux systems.

iptables rules take effect immediately, without restarting services or loading configurations. Therefore, one must be very careful, or lock yourself out of the system.

Do not run firewalld and ipatables at the same time.

Always apply the rules that get you into the system first.

1. Basic operation commands of iptables

Query firewall status: service iptables status (systemctl status iptables.service)
Stop firewall: service iptables stop (systemctl stop iptables.service)
Start firewall: service iptables start (systemctl start iptables.service)
Restart firewall: service iptables restart (systemctl restart iptables .service)
Permanently disable the firewall: chkconfig iptables off
Enable after permanent shutdown: chkconfig iptables on

2. View address and port details

iptables -nvl or iptables -L -n --line-number

Among them, ACCEPT in the target column means acceptance, and REJECT means rejection

3. View or modify the iptables configuration file

cat /etc/sysconfig/iptables

It can be directly edited and modified in it.

4. Clear existing rules

iptables -F 或 iptables --flush

5. Add open port 8002 access

Add rule has two parameters: -A and -I. Among them, -A is added to the end of the rule; -I can be inserted into the specified position, and if there is no specified position, it will be inserted into the head of the rule by default. And --dport is the target port. When the data enters the server from the outside, it is the target port. Otherwise, the data goes out from the server, and it is the data source port. Use --sport

iptables -I INPUT -p tcp --dport 8002 -j ACCEPT

6. Delete port 8002 access

Delete with -D parameter. We first find out all the rule information, use iptables -L -n --line-number to find out. There is a num in the displayed list to indicate which column it is. Then we can delete it, such as deleting the second rule.

iptables -D INPUT 2

7. Prohibit 192.168.1.2 IP access

iptables -A INPUT -p tcp -s 192.168.1.2 -j DROP

8. Save iptables setting rules

service iptables save

Guess you like

Origin blog.csdn.net/qq_27817851/article/details/128168499
Recommended
Ranking
error: (-215:Assertion failed) !_img.empty() in function ‘cv::imwrite‘
Database migration between Navicat servers
Minimum number of rotation of the array: Array
balenaEtcher for mac (make a boot disk software) v1.5.67
Custom processing serialization and deserialization in jackson
Mu-en-mask system development software
Mastering Regular Expressions
Find mileage Java--
Web pages can not directly concern the public micro-channel number how to do? A key to arouse public concern number of micro-channel solutions
[CodeForces - 739B] Alyona and a tree Tree + [difference] + bipartite
Daily
More
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)

Code World

© 2018 codetd.com