打赏

星辰大海ゞ

That which does not kill us makes us stronger!

导航

Centos7 禁止firewalld并使用iptables 作默认防火墙以及忘记root密码的处理方法

一、停止并禁用firewalld

[root@test ~]# systemctl stop firewalld
[root@test ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service.

二、查看iptables 列表,并安装service 软件

复制代码
[root@test ~]# yum list all iptables*
已加载插件:fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirrors.neusoft.edu.cn
 * extras: mirrors.tuna.tsinghua.edu.cn
 * updates: mirrors.sina.cn
已安装的软件包
iptables.x86_64                                   1.4.21-16.el7                           @base
可安装的软件包
iptables.i686                                     1.4.21-16.el7                           base 
iptables-devel.i686                               1.4.21-16.el7                           base 
iptables-devel.x86_64                             1.4.21-16.el7                           base 
iptables-services.x86_64                          1.4.21-16.el7                           base 
iptables-utils.x86_64                             1.4.21-16.el7                           base 
复制代码

安装service

[root@test ~]# yum install iptables-services -y

 

三、启动iptables服务,并检查状态

复制代码
[root@test ~]# systemctl start iptables
[root@test ~]# systemctl status iptables
● iptables.service - IPv4 firewall with iptables
   Loaded: loaded (/usr/lib/systemd/system/iptables.service; disabled; vendor preset: disabled)
   Active: active (exited) since 五 2016-08-05 07:54:57 CST; 9s ago
  Process: 8164 ExecStart=/usr/libexec/iptables/iptables.init start (code=exited, status=0/SUCCESS)
 Main PID: 8164 (code=exited, status=0/SUCCESS)

8月 05 07:54:56 test systemd[1]: Starting IPv4 firewall with iptables...
8月 05 07:54:57 test iptables.init[8164]: iptables: Applying firewall rules: [  OK  ]
8月 05 07:54:57 test systemd[1]: Started IPv4 firewall with iptables.
复制代码

四、加入开机自启动

[root@test ~]# systemctl enable iptables
Created symlink from /etc/systemd/system/basic.target.wants/iptables.service to /usr/lib/systemd/system/iptables.service.

 

另:systemctl命令相关

如何激活服务并在启动时启用或禁用服务(即系统启动时自动启动服务

# systemctl enable httpd.service

# systemctl disable httpd.service

如何屏蔽(让它不能启动)或显示服务(如 httpd.service)

# systemctl mask httpd.service

ln -s '/dev/null' '/etc/systemd/system/httpd.service'

# systemctl unmask httpd.service

rm '/etc/systemd/system/httpd.service

列出所有服务(包括启用的和禁用的):

# systemctl list-unit-files --type=service
UNIT FILE STATE
arp-ethers.service disabled
auditd.service enabled
autovt@.service disabled
blk-availability.service disabled
brandbot.service static
console-getty.service disabled
console-shell.service disabled
container-getty@.service static
...

分析启动时各个进程花费的时间:

# systemd-analyze blame
8.565s mariadb.service
7.991s webmin.service
6.095s postfix.service
4.311s httpd.service
3.926s firewalld.service
3.780s kdump.service
3.238s tuned.service
1.712s network.service
1.394s lvm2-monitor.service
1.126s systemd-logind.service
....

 

更多参考:https://linux.cn/article-5926-1.html 

 ------------------------------------------------------------------------------------------

忘记root密码时:

1 - 在启动grub菜单,选择编辑选项启动
2 - 按键盘e键,来进入编辑界面
3 - 找到Linux 16的那一行,将ro改为rw init=/sysroot/bin/sh
4 - 现在按下 Control+x ,使用单用户模式启动

 

posted on 2016-10-24 14:53  星辰大海ゞ  阅读(847)  评论(0编辑  收藏  举报