centos 7 防火墙和端口配置
--解决 RHEL 7/ CentOS 7/Fedora 出现Unit iptables.service failed to load
# 第一步,关闭firewall:
CentOS 7.0默认使用的是firewall作为防火墙,这里改为iptables防火墙。
systemctl stop firewalld.service #停止firewall
systemctl disable firewalld.service #禁止firewall开机启动
# 第二步,安装iptables-services:
yum install iptables-services
# 第三步,启用iptables-services:
root@vm-xiluhua ~# systemctl enable iptables #启用
Created symlink from /etc/systemd/system/basic.target.wants/iptables.service to /usr/lib/systemd/system/iptables.service.
root@vm-xiluhua ~# service iptables status #查看状态
Redirecting to /bin/systemctl status iptables.service
● iptables.service - IPv4 firewall with iptables
Loaded: loaded (/usr/lib/systemd/system/iptables.service; enabled; vendor preset: disabled)
Active: inactive (dead)
root@vm-xiluhua ~# service iptables start #启动
Redirecting to /bin/systemctl start iptables.service
root@vm-xiluhua ~# service iptables status
Redirecting to /bin/systemctl status iptables.service
● iptables.service - IPv4 firewall with iptables
Loaded: loaded (/usr/lib/systemd/system/iptables.service; enabled; vendor preset: disabled)
Active: active (exited) since 一 2016-10-03 15:41:24 CST; 8s ago
Process: 9913 ExecStart=/usr/libexec/iptables/iptables.init start (code=exited, status=0/SUCCESS)
Main PID: 9913 (code=exited, status=0/SUCCESS)
10月 03 15:41:24 vm-xiluhua systemd[1]: Starting IPv4 firewall with iptables...
10月 03 15:41:24 vm-xiluhua iptables.init[9913]: iptables: Applying firewall rules: [ 确定 ]
10月 03 15:41:24 vm-xiluhua systemd[1]: Started IPv4 firewall with iptables.
# 第4步,执行iptables命令开启或关闭端口
# 开启
iptables -A INPUT -p tcp --dport 3690 -j ACCEPT;
# 关闭
iptables -A INPUT -p tcp --dport 3690 -j DROP
# 查看是否有端口3690的配置,并显示行号
iptables -L -n --line-number | grep 3690
# 按行号删除,开启或关闭
iptables -D INPUT 1
#保存规则到iptables,重启配置依然有效
root@vm-xiluhua ~# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ 确定 ]