Centos7 禁止firewalld并使用iptables 作默认防火墙以及忘记root密码的处理方法
一、停止并禁用firewalld
[root@test ~]# systemctl stop firewalld [root@test ~]# systemctl disable firewalld Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service.
二、查看iptables 列表,并安装service 软件
[root@test ~]# yum list all iptables*
已加载插件:fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.neusoft.edu.cn
* extras: mirrors.tuna.tsinghua.edu.cn
* updates: mirrors.sina.cn
已安装的软件包
iptables.x86_64 1.4.21-16.el7 @base
可安装的软件包
iptables.i686 1.4.21-16.el7 base
iptables-devel.i686 1.4.21-16.el7 base
iptables-devel.x86_64 1.4.21-16.el7 base
iptables-services.x86_64 1.4.21-16.el7 base
iptables-utils.x86_64 1.4.21-16.el7 base
安装service
[root@test ~]# yum install iptables-services -y
三、启动iptables服务,并检查状态
[root@test ~]# systemctl start iptables
[root@test ~]# systemctl status iptables
● iptables.service - IPv4 firewall with iptables
Loaded: loaded (/usr/lib/systemd/system/iptables.service; disabled; vendor preset: disabled)
Active: active (exited) since 五 2016-08-05 07:54:57 CST; 9s ago
Process: 8164 ExecStart=/usr/libexec/iptables/iptables.init start (code=exited, status=0/SUCCESS)
Main PID: 8164 (code=exited, status=0/SUCCESS)
8月 05 07:54:56 test systemd[1]: Starting IPv4 firewall with iptables...
8月 05 07:54:57 test iptables.init[8164]: iptables: Applying firewall rules: [ OK ]
8月 05 07:54:57 test systemd[1]: Started IPv4 firewall with iptables.
四、加入开机自启动
[root@test ~]# systemctl enable iptables Created symlink from /etc/systemd/system/basic.target.wants/iptables.service to /usr/lib/systemd/system/iptables.service.
另:systemctl命令相关
如何激活服务并在启动时启用或禁用服务(即系统启动时自动启动服务)
# systemctl enable httpd.service
# systemctl disable httpd.service
如何屏蔽(让它不能启动)或显示服务(如 httpd.service)
# systemctl mask httpd.service
ln -s '/dev/null' '/etc/systemd/system/httpd.service'
# systemctl unmask httpd.service
rm '/etc/systemd/system/httpd.service
列出所有服务(包括启用的和禁用的):
# systemctl list-unit-files --type=service
UNIT FILE STATE
arp-ethers.service disabled
auditd.service enabled
autovt@.service disabled
blk-availability.service disabled
brandbot.service static
console-getty.service disabled
console-shell.service disabled
container-getty@.service static
...
分析启动时各个进程花费的时间:
# systemd-analyze blame
8.565s mariadb.service
7.991s webmin.service
6.095s postfix.service
4.311s httpd.service
3.926s firewalld.service
3.780s kdump.service
3.238s tuned.service
1.712s network.service
1.394s lvm2-monitor.service
1.126s systemd-logind.service
....
更多参考:https://linux.cn/article-5926-1.html
------------------------------------------------------------------------------------------
忘记root密码时:
1 - 在启动grub菜单,选择编辑选项启动
2 - 按键盘e键,来进入编辑界面
3 - 找到Linux 16的那一行,将ro改为rw init=/sysroot/bin/sh
4 - 现在按下 Control+x ,使用单用户模式启动