redis设置防火墙的问题
Linux 下载安装配置Redis完整步骤
安装:
1.获取redis资源
wget http://download.redis.io/releases/redis-4.0.8.tar.gz
2.解压
tar xzvf redis-4.0.8.tar.gz
3.安装
cd redis-4.0.8
make
cd src
make install PREFIX=/usr/local/redis
4.移动配置文件到安装目录下
cd ../
mkdir /usr/local/redis/etc
mv redis.conf /usr/local/redis/etc
5.配置redis为后台启动
vi /usr/local/redis/etc/redis.conf //将daemonize no 改成daemonize yes
6.将redis加入到开机启动
vi /etc/rc.local //在里面添加内容:/usr/local/redis/bin/redis-server /usr/local/redis/etc/redis.conf (意思就是开机调用这段开启redis的命令)
7.开启redis
/usr/local/redis/bin/redis-server /usr/local/redis/etc/redis.conf
8.配置 redis-cli 环境
sudo vim /etc/profile
写入: export PATH=</usr/local/redis/bin/redis-cli>:$PATH
常用命令
redis-server /usr/local/redis/etc/redis.conf //启动redis
pkill redis //停止redis
卸载redis:
rm -rf /usr/local/redis //删除安装目录
rm -rf /usr/bin/redis-* //删除所有redis相关命令脚本
rm -rf /root/download/redis-4.0.4 //删除redis解压文件夹
来自:https://www.cnblogs.com/lauhp/p/8487029.html
查找防火墙的位置状态
[root@localhost demo]# systemctl status firewalld ● firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled) Active: active (running) since 三 2019-03-06 00:56:15 PST; 2min 43s ago Docs: man:firewalld(1) Main PID: 630 (firewalld) CGroup: /system.slice/firewalld.service └─630 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid 3月 06 00:56:14 localhost.localdomain systemd[1]: Starting firewalld - dynamic fir.... 3月 06 00:56:15 localhost.localdomain systemd[1]: Started firewalld - dynamic fire.... Hint: Some lines were ellipsized, use -l to show in full.
关闭防火墙:
systemctl stop firewalld.service #停止firewall
systemctl disable firewalld.service #禁止firewall开机启动
systemctl start firewalld.service #开启防火墙
如果你在redis中设置了密码想要修改不要密码可以使用
config set requirepass ""
当你设置了密码输入密码时都需要加上一个
auth admin #admin是设置的密码
在防火墙中添加端口 6379
[root@localhost /]# firewall-cmd --zone=public --add-port=6379/tcp --permanent
Warning: ALREADY_ENABLED: 6379:tcp
success
然后重启防火墙
[root@localhost /]# firewall-cmd --reload
success
查询所有的开放的端口号
[root@localhost /]# firewall-cmd --list-port 6379/tcp
③查询linux本地Ip,执行ifconfig
[root@localhost /]# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:23:62:fe brd ff:ff:ff:ff:ff:ff inet 192.168.111.130/24 brd 192.168.111.255 scope global dynamic ens33 valid_lft 1417sec preferred_lft 1417sec inet6 fe80::eb6e:fbad:27d5:9c4a/64 scope link valid_lft forever preferred_lft forever 3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000 link/ether 52:54:00:5c:36:38 brd ff:ff:ff:ff:ff:ff inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0 valid_lft forever preferred_lft forever 4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 1000 link/ether 52:54:00:5c:36:38 brd ff:ff:ff:ff:ff:ff [root@localhost /]#
但是,xinetd和telnet的服务都启动不了,telnet连服务名都不存在:
#systemctl status telnet.socket
如果显示inactive则表示没有打开请执行
# systemctl enable telnet.socket 加入开机启动
# systemctl start telnet.socket 启动Telnet服务
# systemctl status telnet.socket 再次查看服务状态
systemctl stop firewalld.service,使用这个停用防火墙,应该是这个问题,7使用的是Firewall防火墙
(https://www.cnblogs.com/gyrgyr/p/7954090.html)
[root@localhost ~]# systemctl status telnet.socket ● telnet.socket - Telnet Server Activation Socket Loaded: loaded (/usr/lib/systemd/system/telnet.socket; disabled; vendor preset: disabled) Active: inactive (dead) Docs: man:telnetd(8) Listen: [::]:23 (Stream) Accepted: 0; Connected: 0 [root@localhost ~]# systemctl start telnet.socket [root@localhost ~]# systemctl status telnet.cocket Unit telnet.cocket.service could not be found. [root@localhost ~]# systemctl status telnet.socket ● telnet.socket - Telnet Server Activation Socket Loaded: loaded (/usr/lib/systemd/system/telnet.socket; disabled; vendor preset: disabled) Active: active (listening) since 日 2019-04-07 06:41:56 PDT; 28s ago Docs: man:telnetd(8) Listen: [::]:23 (Stream) Accepted: 0; Connected: 0 4月 07 06:41:56 localhost.localdomain systemd[1]: Listening on Telnet Server Activ.... 4月 07 06:41:56 localhost.localdomain systemd[1]: Starting Telnet Server Activatio.... Hint: Some lines were ellipsized, use -l to show in full. [root@localhost ~]# systemctl stop firewalld.service [root@localhost ~]# ps -ef|grep redis root 3496 3443 0 05:34 pts/0 00:00:05 redis-server *:6379 root 6832 4666 0 06:44 pts/1 00:00:00 grep --color=auto redis [root@localhost ~]# telnet 127.0.0.1 Trying 127.0.0.1... Connected to 127.0.0.1. Escape character is '^]'. Kernel 3.10.0-514.el7.x86_64 on an x86_64
[root@andy ~]# telnet 192.168.120.204 Trying 192.168.120.204... Connected to 192.168.120.204 (192.168.120.204). Escape character is '^]'. localhost (Linux release 2.6.18-274.18.1.el5 #1 SMP Thu Feb 9 12:45:44 EST 2012) (1) login: root Password: Login incorrect
一般情况下不允许root从远程登录,可以先用普通账号登录,然后再用su -切到root用户。
下载安装iptables
yum install iptables
启动 /bin/systemctl start iptables.service
关闭 /bin/systemctl start iptables.service
如果遇到问题 (https://blog.csdn.net/c233728461/article/details/52679558)
报错Failed to start iptables.service: Unit iptables.service failed to load: No such file or directory.
或 Failed to start iptables.service: Unit not found.
[root@localhost ~]# firewall-cmd --zone=public --add-port=80/tcp --permanent success [root@localhost ~]# firewall-cmd --zone=public --add-port=1000-2000/tcp --permanent success [root@localhost ~]# firewall-cmd --reload success [root@localhost ~]# firewall-cmd --zone=public --query-port=80/tcp yes [root@localhost ~]# yum install iptables-services
设置开机启动: systemctl enable iptables
保存设置: service iptables save
开放某个端口 在/etc/sysconfig/iptables里添加
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT
redis 设置密码
查询密码:
redis 127.0.0.1:6379> config get requirepass
因为初始没有密码,所以无需输入,即可连接服务。
redis-cli.exe -h 127.0.0.1 -p 6379