use iptables instead of firewalld

1- stop firewalld

systemctl stop firewalld
systemctl mask firewalld

2- install iptables

yum install iptables-services -y
systemctl enable iptables
systemctl start iptables

3- accept 80, 22, 8080

iptables -I INPUT -p tcp --dport 80 -j ACCEPT
iptables -I INPUT -p tcp --dport 22 -j ACCEPT
iptables -I INPUT -p tcp --dport 8080 -j ACCEPT

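4- drop attack ip (remote_ip is the address to block)

# -I INPUT 1 puts the rule first; with -A it lands after the ACCEPT rules and never blocks those ports
iptables -I INPUT 1 -p tcp -s remote_ip -j DROP

5- limit speed

# -m limit only matches up to 60 packets/s; the DROP right after it discards the excess
iptables -I INPUT 2 -p tcp --sport 5037 -m limit --limit 60/s -j ACCEPT
iptables -I INPUT 3 -p tcp --sport 5037 -j DROP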

6- save and restart iptables

service iptables save
service iptables restart
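
Rule order decides which rule wins: a rule added with -A goes to the end of the chain, and anything placed after a catch-all rule never matches. The check below is an added example, not part of the original post; the function names, the sample ruleset (which assumes the stock iptables-services INPUT chain ending in a REJECT) and the address 203.0.113.7 are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post.
# Reads `iptables -S` text on stdin and prints "<position> <rule>" for every
# rule in the chain that sits after an unconditional (catch-all) rule and can
# therefore never match.
unreachable_rules() {
    chain="${1:-INPUT}"
    awk -v chain="$chain" '
        $1 != "-A" || $2 != chain { next }   # skip -P policy lines, other chains
        { pos++ }
        blocked { print pos, $0; next }      # already past the catch-all: dead rule
        # Catch-all = no match options: "-A CHAIN -j TARGET [--reject-with TYPE]"
        $3 == "-j" && ($4 == "ACCEPT" || $4 == "DROP" || $4 == "REJECT") &&
            (NF == 4 || (NF == 6 && $5 == "--reject-with")) { blocked = 1 }
    '
}

# Constructed sample: ACCEPT rules inserted at the top with -I, the assumed
# stock rules, then a DROP and a limit rule that were appended with -A.
sample_ruleset() {
    cat <<'EOF'
-P INPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -s 203.0.113.7/32 -p tcp -j DROP
-A INPUT -p tcp -m tcp --sport 5037 -m limit --limit 60/sec -j ACCEPT
EOF
}

# Live host (as root): iptables -S INPUT | unreachable_rules INPUT
sample_ruleset | unreachable_rules INPUT
```

An empty result means no rule in the chain is hidden behind a catch-all; run it again after `service iptables restart` to check the saved ruleset.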
posted @ 2018-09-21 11:49  idlewith