Linux firewall / iptables

When a service cannot be reached from outside, check the firewall.

Open specific ports:
For example, to let TCP port 80 through the firewall, along with the other ports used here:
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --zone=public --add-port=7890/tcp --permanent
firewall-cmd --zone=public --add-port=443/tcp --permanent
firewall-cmd --zone=public --add-port=3306/tcp --permanent
firewall-cmd --zone=public --add-port=9001/tcp --permanent
firewall-cmd --zone=public --add-port=9200/tcp --permanent
firewall-cmd --zone=public --add-port=8301/tcp --permanent
firewall-cmd --zone=public --add-port=8401/tcp --permanent

Open the firewall by service name:
firewall-cmd --add-service=mysql --permanent

firewall-cmd --add-service=ftp --permanent

Reload the firewall so the permanent rules take effect immediately:
firewall-cmd --reload

Check that the configuration was applied:
firewall-cmd --list-all

Block access to the service on port 8002:
iptables -I INPUT -p tcp --dport 8002 -j DROP

View the SELinux status:
getenforce
Disabled

1. Turn off the firewall:
systemctl stop firewalld.service # stop the firewall
systemctl disable firewalld.service # do not start the firewall at boot

2. Disable SELinux
vi /etc/selinux/config

# SELINUX=enforcing # commented out
SELINUX=disabled # added
:wq! # save and exit

Apply the change immediately (setenforce 0 puts the running system in permissive mode; SELINUX=disabled applies after a reboot):
setenforce 0

0102 - Writing firewall rules to harden a production environment

Flush the existing rules
iptables -F

Write the new firewall rules:
vim /etc/iptables.up.rules

View existing rules (the command below flushes the nat table; iptables -L -n lists the current rules)
iptables -t nat -F

Make the script executable
chmod +x /etc/network/if-up.d/iptables

Check whether ufw is active
ufw status
Status: inactive
(inactive means ufw is not enabled)

Enable it
ufw enable

Load the rules automatically at system boot
root@Cloud:~# vim /etc/network/if-up.d/iptables
#!/bin/sh
iptables-restore < /etc/iptables.up.rules

Tell iptables to load the new configuration file (or reload it)
iptables-restore < /etc/iptables.up.rules
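
The post does not show what goes into /etc/iptables.up.rules. The following is an added example, not from the original post: a shell function that prints a default-deny rule set in iptables-restore format for a list of TCP ports. The function name gen_rules, the always-allowed SSH port 22 and the sample ports are assumptions.

```shell
#!/bin/sh
# Added example: print a default-deny ruleset in iptables-restore format.
# Usage (as root): gen_rules 80 443 > /etc/iptables.up.rules
# Assumption: SSH on tcp/22 stays open so the admin session is not cut off.
gen_rules() {
    # Validate every argument before emitting anything, so a bad value
    # can never end up as text inside the rules file.
    for port in "$@"; do
        case "$port" in
            # empty, non-digit characters, leading zero, or more than 5 digits
            ''|*[!0-9]*|0*|??????*)
                echo "invalid port: $port" >&2
                return 1 ;;
        esac
        if [ "$port" -gt 65535 ]; then
            echo "port out of range: $port" >&2
            return 1
        fi
    done
    # Drop inbound and forwarded traffic by default; allow loopback and
    # replies to connections this host opened.
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp --dport 22 -j ACCEPT
EOF
    # One ACCEPT rule per requested port.
    for port in "$@"; do
        printf '%s\n' "-A INPUT -p tcp --dport $port -j ACCEPT"
    done
    echo "COMMIT"
}
```

Before loading the generated file, it can be checked without applying it using iptables-restore --test < /etc/iptables.up.rules.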


Origin blog.csdn.net/yuhezheg/article/details/104435671