centos从7开始默认用的是firewalld,这个是基于iptables的,虽然有iptables的核心,但是iptables的服务是没安装的。所以你只要停止firewalld服务即可: sudo systemctl stop firewalld.service && sudo systemctl disable firewalld.service 如果你要改用iptables的话,需要安装iptables服务: sudo yum install iptables-services sudo systemctl enable iptables && sudo systemctl enable ip6tables sudo systemctl start iptables && sudo systemctl start ip6tables