一般的防火墙用下面这些简单的配置都能达到目的
1) 重启后生效
开启: chkconfig iptables on
关闭: chkconfig iptables off
2) 即时生效,重启后失效
开启: service iptables start
关闭: service iptables stop
需要说明的是对于Linux下的其它服务都可以用以上命令执行开启和关闭操作。
在开启了防火墙时,做如下设置,开启相关端口,
修改/etc/sysconfig/iptables 文件,添加以下内容:
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
但是这次我遇到的防火墙不一样,是因为CentOS版本高的问题吧。
只能用下面的的命令关闭防火墙
Centos7中的防火墙调整为firewalld,试一下systemctl stop firewalld关闭防火墙。
以下转载自:http://linux.it.net.cn/CentOS/fast/2014/1102/7635.html
新安装的centos 7 发现有些程序端口是关闭的,想到了防火墙和selinux
selinx 好关闭 /etc/sysconfig/selinux 中 追加 SELINUX=disabled
防火墙以为也是很好弄,按照以前的老规矩,service iptables stop 或者 chkconfig --level 35 iptables off
重启后 运行 systemctl list-unit-files | grep ip 发现还有个ip6tables 没关 chkconfig --level 35 ip6tables off
再运行 systemctl list-unit-files | grep ip 发现全部都disables 还是不通
没办法,只有添加规则了,tptables -I INPUT 1 -p tcp --dport 6259 -j ACCEPT
然后service iptables save 端口通了
我想这个是不是个BUG , 也许我没有找到方法,请告知
Centos7中的防火墙调整为firewalld,试一下systemctl stop firewalld关闭防火墙。
I installed CentOS 7 with minimal configuration (os + dev tools). I am trying to open 80 port for httpdservice, but something wrong with my iptables service ... what's wrong with it? What am I doing wrong?
# ifconfig/sbin/service iptables save
bash: ifconfig/sbin/service: No such file or directory
# /sbin/service iptables save
The service command supports only basic LSB actions (start, stop, restart, try-restart, reload, force-reload, status). For other actions, please try to use systemctl.
# sudo service iptables status
Redirecting to /bin/systemctl status iptables.service
iptables.service
Loaded: not-found (Reason: No such file or directory)
Active: inactive (dead)
# /sbin/service iptables save
The service command supports only basic LSB actions (start, stop, restart, try-restart, reload, force-reload, status). For other actions, please try to use systemctl.
# sudo service iptables start
Redirecting to /bin/systemctl start iptables.service
Failed to issue method call: Unit iptables.service failed to load: No such file or directory.With RHEL 7 / CentOS 7, firewalld was introduced to manage iptables. IMHO, firewalld is more suited for workstations than for server environments.
It is possible to go back to a more classic iptables setup. First, stop and mask the firewalld service:
systemctl stop firewalld
systemctl mask firewalld
Then, install the iptables-services package:
yum install iptables-services
Enable the service at boot-time:
systemctl enable iptables
Managing the service
systemctl [stop|start|restart] iptables
Saving your firewall rules can be done as follows:
service iptables save
or
/usr/libexec/iptables/iptables.init save