CentOS 7 关闭IPv6

一、编辑/etc/default/grub
编辑/etc/default/grub，在GRUB_CMDLINE_LINUX加上的后面句首加上ipv6.disable=1。
修改之前：

[root@localhost ~]# cat /etc/default/grub 
GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)"
GRUB_DEFAULT=saved
GRUB_DISABLE_SUBMENU=true
GRUB_TERMINAL_OUTPUT="console"
GRUB_CMDLINE_LINUX="crashkernel=auto rd.lvm.lv=centos/root rd.lvm.lv=centos/swap rhgb quiet"
GRUB_DISABLE_RECOVERY="true"
[root@localhost ~]# 

修改之后：

[root@localhost ~]# cat /etc/default/grub 
GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)"
GRUB_DEFAULT=saved
GRUB_DISABLE_SUBMENU=true
GRUB_TERMINAL_OUTPUT="console"
GRUB_CMDLINE_LINUX="ipv6.disable=1 crashkernel=auto rd.lvm.lv=centos/root rd.lvm.lv=centos/swap rhgb quiet"
GRUB_DISABLE_RECOVERY="true"
[root@localhost ~]#

二、重新生成grub.cfg文件
修改完毕后保存，运行grub2-mkconfig -o /boot/grub2/grub.cfg重新生成grub.cfg文件。

[root@localhost ~]# grub2-mkconfig -o /boot/grub2/grub.cfg 
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-3.10.0-514.2.2.el7.x86_64
Found initrd image: /boot/initramfs-3.10.0-514.2.2.el7.x86_64.img
Found linux image: /boot/vmlinuz-3.10.0-327.36.3.el7.x86_64
Found initrd image: /boot/initramfs-3.10.0-327.36.3.el7.x86_64.img
Found linux image: /boot/vmlinuz-3.10.0-327.el7.x86_64
Found initrd image: /boot/initramfs-3.10.0-327.el7.x86_64.img
Found linux image: /boot/vmlinuz-0-rescue-d885883cdb4944609bc5e3493dd2b680
Found initrd image: /boot/initramfs-0-rescue-d885883cdb4944609bc5e3493dd2b680.img
done
[root@localhost ~]#

三、重启系统
运行下面的命令，已经看不到tcp6的协议：

[root@localhost ~]# netstat -nltp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1030/sshd           
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      1294/master         
[root@localhost ~]# 

清除以前的防火墙规则，或者添加允许指定某个端口开放
[root@localhost ~]# iptables -F