1、新加的测试服务器。启动tomcat正常 外部就是访问不了,查了资料,开放端口还需配置
编辑文件
vi /etc/sysconfig/iptables
Firewall configuration written by system-config-firewall
Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
增加8080端口
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
重启服务就ok了
service iptables restart
以上最后可能会出现 CentOS7关闭/开启防火墙出现Unit iptables.service failed to load: No such file or directory.
解决办法:
执行一下命令:
systemctl stop firewalld
systemctl mask firewalld
并且安装iptables-services:
yum install iptables-services
设置开机启动:
systemctl enable iptables
systemctl stop iptables
systemctl start iptables
systemctl restart iptables
systemctl reload iptables
保存设置:
service iptables save
OK,再试一下应该就好使了
开放某个端口 在/etc/sysconfig/iptables里添加
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEP