安装iptables防火墙配置
1、关闭firewall:
service firewalld stop systemctl disable firewalld.service #禁止firewall开机启动
2、安装iptables防火墙
yum install iptables-services #安装
3、编辑iptables防火墙配置
vi /etc/sysconfig/iptables #编辑防火墙配置文件
下边是一个完整的配置文件:
Firewall configuration written by system-config-firewall Manual customization of this file is not recommended.*filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p icmp -j ACCEPT-A INPUT -i lo -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT
:wq! #保存退出
[root@localhost ~]# systemctl restart iptables.service # 重启防火墙使配置生效 [root@localhost ~]# systemctl enable iptables.service # 设置防火墙开机启动 [root@localhost ~]# systemctl disable iptables.service # 禁止防火墙开机启动
添加iptables规则并永久生效
添加iptables规则
iptables -I INPUT 1 -p tcp -m state --state NEW -m tcp --dport 6379 -j ACCEPT
保存
service iptables save
出现上面ok提示说明保存永久生效了
发表评论