从Centos7开始默认使用firewall防火墙了
换成iptables防火墙,操作步骤如下:
关闭firewalld防火墙,关闭开机自启
|
1 2 |
systemctl stop firewalld.service systemctl disable firewalld.service |
安装iptables防火墙,设置开机自启
|
1 2 |
yum -y install iptables-services net-tools systemctl enable iptables.service |
然后编辑iptables防火墙规则就好了
|
1 |
vim /etc/sysconfig/iptables |
来个示例:
|
1 2 3 4 5 6 7 8 9 10 11 |
*filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT |
原文链接:Centos7关闭firewall防火墙,启用iptables防火墙,转载请注明来源!
