系统环境: Centos 6.6 正式版_32位
配置文件修改
vi /etc/ssh/sshd_config
按图中的修改后仅仅 2288 端口可以连接,若防火墙未修改断开后将再也连不上
防火墙修改
- 修改防火墙前:
- 添加 2288 端口命令
修改文件 /etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 2288 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
4. 修改防火墙后:
5.
添加影梭端口
# Generated by iptables-save v1.4.7 on Sun May 26 22:34:06 2019
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m multiport --dports 9088 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 9188 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 9288 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 9388 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 9488 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 9588 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 9688 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 9788 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 9888 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 9988 -j ACCEPT
-A OUTPUT -p tcp -m multiport --sports 9088 -j ACCEPT
-A OUTPUT -p tcp -m multiport --sports 9188 -j ACCEPT
-A OUTPUT -p tcp -m multiport --sports 9288 -j ACCEPT
-A OUTPUT -p tcp -m multiport --sports 9388 -j ACCEPT
-A OUTPUT -p tcp -m multiport --sports 9488 -j ACCEPT
-A OUTPUT -p tcp -m multiport --sports 9588 -j ACCEPT
-A OUTPUT -p tcp -m multiport --sports 9688 -j ACCEPT
-A OUTPUT -p tcp -m multiport --sports 9788 -j ACCEPT
-A OUTPUT -p tcp -m multiport --sports 9888 -j ACCEPT
-A OUTPUT -p tcp -m multiport --sports 9988 -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 2288 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Sun May 26 22:34:06 2019