在新安装的Linux系统中，防火墙默认是被禁掉的，一般也没有配置过任何防火墙的策略，所有不存在/etc/sysconfig/iptables文件。

原因：在新安装的Linux系统中，防火墙默认是被禁掉的，一般也没有配置过任何防火墙的策略，所有不存在/etc/sysconfig/iptables文件。



解决办法：
1、随便写一条iptables命令配置个防火墙规则：如：

iptables -P OUTPUT ACCEPT

2，进行保存

service iptables save

3，service iptables restart



异常

The service command supports only basic LSB actions (start, stop, restart, try-restart, reload, force-reload, status). For other actions, please try to use systemctl.

解决



With RHEL 7 / CentOS 7, firewalld was introduced to manage iptables. IMHO, firewalld is more suited for workstations than for server environments.

It is possible to go back to a more classic iptables setup. First, stop and mask the firewalld service:
 


[html] view plain copy
systemctl stop firewalld  
systemctl mask firewalld  


Then, install the iptables-services package:

[html] view plain copy
yum install iptables-services  



Enable the service at boot-time:

[html] view plain copy
systemctl enable iptables  



Managing the service

[html] view plain copy
systemctl stop iptables  
  
systemctl start iptables  
  
systemctl |restart iptables  


Saving your firewall rules can be done as follows:

[html] view plain copy
service iptables save  

or

[html] view plain copy
/usr/libexec/iptables/iptables.init save  

参考文章：
http://www.centoscn.com/CentosBug/osbug/2014/0919/3779.html

http://www.cnblogs.com/love3556/p/5923392.html

 

第二 Centos的防火墙默认是开启的，所以端口还得把防火墙关了，或在防火墙里添加个端口

//以下操作二选一
systemctl status firewalld // 查看防火墙状态
systemctl stop firewalld //关闭防火墙
firewall-cmd --zone=public --add-port=5000/tcp --permanent  // permanent参数是永远存在，不然的话，重启后就没有了
firewall-cmd --reload // 重启防火墙 ，添加端口后记得执行此命令