Reference article
https://www.thegeekdiary.com/how ... s-in-centos-rhel-7/

Stop and disable firewalld
1. To begin with, disable firewalld and make sure it does not start at boot again.

    systemctl stop firewalld
    systemctl disable firewalld

2. Masking the firewalld service creates a symlink from /etc/systemd/system/firewalld.service to /dev/null, thus disabling the firewalld service.

    systemctl mask firewalld
    Created symlink from /etc/systemd/system/firewalld.service to /dev/null.

Install and configure iptables
1. To enable iptables, first install the "iptables-services" package.

    yum install iptables-services

2. Start the iptables service and enable it so that it starts automatically at boot.

    systemctl start iptables
    systemctl enable iptables

Clearing leftover firewalld rules
Check whether any rules are left behind from firewalld. By default, a fresh install of iptables has the rules shown below.

    iptables -L
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination
    ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
    ACCEPT     icmp --  anywhere             anywhere
    ACCEPT     all  --  anywhere             anywhere
    ACCEPT     tcp  --  anywhere             anywhere             state NEW tcp dpt:ssh
    REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited

    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination
    REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited

    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination

1. If needed, you can clear iptables rules left over from firewalld with the following commands.

    iptables -t nat -F
    iptables -t mangle -F
    iptables -F
    iptables -X
    service iptables save

2. After running the above commands, you get an empty iptables rule set, as shown below.

    iptables -L
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination

    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination

    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination
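The flush sequence leaves every chain empty with policy ACCEPT, so the filter table passes all traffic until new rules are added, and `service iptables save` persists that state. As an added example (not from the referenced article), the shell functions below parse `iptables -L` output and name the chains in that state; the function names are our own and the sample input is the two listings shown on this page.

```shell
# Added example: read `iptables -L` output on stdin and print one line per
# chain as "<chain> <policy> <rule-count>".
summarize_chains() {
    awk '
        function emit() { if (chain != "") print chain, policy, rules }
        /^Chain / { emit(); chain = $2; rules = 0        # "-" marks a user chain
                    policy = ($3 == "(policy") ? $4 : "-"; sub(/\)$/, "", policy); next }
        /^target/ || /^[ \t]*$/ { next }                 # column header, blank line
        { rules++ }
        END { emit() }
    '
}

# Chains that pass everything: policy ACCEPT and no rules at all.
open_chains() { summarize_chains | awk '$2 == "ACCEPT" && $3 == 0 { print $1 }'; }

# Sample input: the two listings shown on this page.
sample_flushed() {
    cat <<'EOF'
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
EOF
}
sample_default() {
    cat <<'EOF'
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere             state NEW tcp dpt:ssh
REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
EOF
}
echo "open after flush:     $(sample_flushed | open_chains | tr '\n' ' ')"
echo "open on fresh install: $(sample_default | open_chains | tr '\n' ' ')"
```

On a live host, run `iptables -L -n | open_chains` as root. Plain `iptables -L` does not show interface matches, so use `iptables -L -v` or `iptables -S` to see exactly what each rule matches.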


    Posted by victorjod6q on PIXNET (痞客邦)