Firewall treatment

Enterprise 2019-09-10 23:11:46 views: null

View port status opening

Queries have open ports netstat -anp
whether the query specified port is open firewall-cmd --query-port = 666 / tcp prompt yes, indicate on; no means is not turned on.

Check firewall status

Check firewall status systemctl status firewalld
open the firewall systemctl start firewalld  
turn off the firewall systemctl stop firewalld
open the firewall service firewalld start 
If they are unable to open the first use: systemctl unmask firewalld.service then: systemctl start firewalld.service

Foreign Port Development

See if want to open the ports are open: firewall-cmd --query-port = 6379 / tcp
add the specified ports need to be open: firewall-cmd --add-port = 123 / tcp --permanent
port reloaded added: firewall-cmd --reload
query whether the port open success: firewall-cmd --query-port = 123 / tcp
remove the specified port: firewall-cmd --permanent --remove-port = 123 / tcp

By iptables treatment

Installation iptables-services: yum install iptables-  services
into the catalog following modifications: / etc / sysconfig / iptables

iptables view, add, delete, modify, permanent

1 View

iptables -nvL --line-number-L to view the current list of all the rules, the default view of the filter table, if you want to view the NAT table, you can add -t NAT parameter
-n right ip address reverse lookup, add this parameter much faster display speed
-v output details, comprising a number of packets by the rule, and the total number of bytes corresponding network interface
--line-number display the serial number of the rule, the parameter rule deleted, or modified by to

2, add

Add rule has two arguments: -A and -I. Wherein -A is added to the end of the rule; -I may be inserted to the specified position, the position is not specified, then the default rule is inserted into the header portion.
iptables -A INPUT -s 192.168.1.5 -j DROP

3, delete

To delete a rule to add previously deleted -D parameters: iptables -A -j DROP the INPUT -s 192.168.1.5
Sometimes you want to delete the rule is too long to write a long list when you delete a waste of time and easy wrong, then we the line number can first use -line-number to find out that rule, and then delete the rule by line number.

4, modify

-R modified using the parameters: iptables the INPUT. 3 -R -j ACCEPT

5, permanent

service iptables save
service iptables restart

Guess you like

Origin blog.51cto.com/4054042/2437124
Recommended
Ranking
SpringBoot-integrate redis
[Sword pointing to offer] Interview question 03: Repeated numbers in an array
Arrangement "Offer Penalty for prove safety" string
Browser prevent the automatic generation of fill and Echo have been saved account solutions
Work hard and never slacken——2022 Yinmai Information Year-End Summary
Install jdk7 on Linux system
App common dependency management tools
EduCoder-Web程序设计基础-html5— 给表单组件添加说明-第1关:label标签相关概念
Machine learning - clustering - density clustering algorithm notes
Ant's large model is exposed, AI+ finance enters the "big model" era
Daily
More
2024-04-30(36)
2024-04-29(5)
2024-04-28(12)
2024-04-27(29)
2024-04-26(22)
2024-04-25(32)
2024-04-24(30)
2024-04-23(30)
2024-04-22(5)
2024-04-21(0)

Code World

© 2018 codetd.com