iptables安装

1.安装iptable iptable-service

#先检查是否安装了iptables
service iptables status
#安装iptables
yum install -y iptables
#升级iptables
yum update iptables 
#安装iptables-services
yum install iptables-services

2.禁用/停止自带的firewalld服务

systemctl stop firewalld.service && sudo systemctl disable firewalld.service

3.将iptables置为开机自启

chkconfig iptables on

4.iptables的常用命令

service iptables  start      #启动服务

service iptables  stop　　   #停止服务

service iptables  restart　　#重启服务

service iptables  status     #重启服务

5.查看iptables规则

iptables -L -n

6.附上常用端口开放文档

# Generated by iptables-save v1.4.7 on Wed Jul 11 20:48:21 2018
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 3306 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
# 上句之后添加的iptables无效
COMMIT
# Completed on Wed Jul 11 20:48:21 2018