1: First popularize basic knowledge of the firewall, the firewall is turned on, off and the status query and set the boot from the start, the boot command is disabled
Check status (. 1): Firewall-cmd --state
Check the status (2): systemctl stauts firewalld.service
Turn on the firewall: systemctl Start firewalld.service
Restart the firewall: systemctl restart firewalld.service
Turn off the firewall: systemctl STOP firewalld.service (not test oh)
Disable the firewall: systemctl disable firewalld.sevice (not test oh)
Boot from the start: systemctl enable firewalld.service
2: open ports, closed and open state inquiry
(1) For example, our local mysql database connection to the server, you need to open the 3306 port, or can not can not connect to local
This error occurs:
(2) This time we need to open the external network port number 3306
1: 3306 increases the open command port: Firewall-cmd = --zone public --add-Port = 3306 / TCP --permanent
--zone = public: Scope
--add-port = 3306 / tcp: based on open tcp port 3306
--permanent: Permanent
2: Restart the firewall: systemctl restart firewalld.service
3: View 3306 is turned on: Firewall-cmd --query-Port = 3306 / tcp
4: View all open ports: Firewall-cmd---list the ports
Then you can connect mysql database server outside the network of friends! ! !
3: Tencent cloud server security group
(1): Use this menu
(2) add server instances corresponding security group, so you set the rules can be mapped to the corresponding server, you can set up multiple ~
(3) custom add inbound rule of 3306, outbound rules do not control you, (there must be set to allow)
If you do not set up to run, or will local Rom mysql database server oh ~
So if you want to deploy as late redis, nginx, web application or something, to be in the server open the corresponding port and Tencent cloud security group set up inside Ay ~ ~