人本善良

导航

在新安装的Linux系统中,防火墙默认是被禁掉的,一般也没有配置过任何防火墙的策略,所有不存在/etc/sysconfig/iptables文件。

原因:在新安装的Linux系统中,防火墙默认是被禁掉的,一般也没有配置过任何防火墙的策略,所有不存在/etc/sysconfig/iptables文件。



解决办法:
1、随便写一条iptables命令配置个防火墙规则:如:

iptables -P OUTPUT ACCEPT

2,进行保存

service iptables save

3,service iptables restart



异常

The service command supports only basic LSB actions (start, stop, restart, try-restart, reload, force-reload, status). For other actions, please try to use systemctl.

解决



With RHEL 7 / CentOS 7, firewalld was introduced to manage iptables. IMHO, firewalld is more suited for workstations than for server environments.

It is possible to go back to a more classic iptables setup. First, stop and mask the firewalld service:
 


[html] view plain copy
systemctl stop firewalld  
systemctl mask firewalld  


Then, install the iptables-services package:

[html] view plain copy
yum install iptables-services  



Enable the service at boot-time:

[html] view plain copy
systemctl enable iptables  



Managing the service

[html] view plain copy
systemctl stop iptables  
  
systemctl start iptables  
  
systemctl |restart iptables  


Saving your firewall rules can be done as follows:

[html] view plain copy
service iptables save  

or

[html] view plain copy
/usr/libexec/iptables/iptables.init save  

参考文章:
http://www.centoscn.com/CentosBug/osbug/2014/0919/3779.html

http://www.cnblogs.com/love3556/p/5923392.html

 

第二 Centos的防火墙默认是开启的,所以端口还得把防火墙关了,或在防火墙里添加个端口

//以下操作二选一
systemctl status firewalld // 查看防火墙状态 systemctl stop firewalld //关闭防火墙 firewall-cmd --zone=public --add-port=5000/tcp --permanent // permanent参数是永远存在,不然的话,重启后就没有了
firewall-cmd --reload // 重启防火墙 ,添加端口后记得执行此命令

posted on 2018-04-05 14:52  简简单单2018  阅读(480)  评论(0编辑  收藏  举报