Common commands for opening a port:
iptables -I INPUT -p tcp --dport 8080 -j ACCEPT
# or
iptables -A IN_public_allow -p tcp -m tcp --dport 8080 -m conntrack --ctstate NEW -j ACCEPT
View the ports that have been opened:
iptables -L -n --line-number
Restart iptables:
service iptables restart
If this command prints the following:
Redirecting to /bin/systemctl restart iptable.service
Failed to issue method call: Unit iptable.service failed to load: No such file or directory.
then use this instead:
systemctl restart iptables.service
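Firewall:
# Check the firewall status
firewall-cmd --state
# Start the firewall
systemctl start firewalld.service
# Restart the firewall
systemctl restart firewalld.service
# Enable start at boot
systemctl enable firewalld.service
# Check whether start at boot was enabled successfully
systemctl is-enabled firewalld.service;echo $?
# Open a port
firewall-cmd --zone=public --add-port=80/tcp --permanent
# List listening services
netstat -ntlp
# List the opened ports
firewall-cmd --list-ports
When working with iptables, pay particular attention to the order of the rules: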
https://blog.csdn.net/jiangtongcn/article/details/63316538
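
The rule-order point above, as an added example that is not part of the original page: iptables stops at the first matching rule, so an ACCEPT appended with -A after a catch-all REJECT is never reached, while -I places it first. The function name check_port_rule and both rulesets are constructed for illustration, and the check only models a catch-all DROP/REJECT rule with no match options.

```shell
#!/bin/sh
# Added example. Reads `iptables -S INPUT` style rules on stdin and prints
# whether the ACCEPT rule for a TCP port is reachable, shadowed or missing.
# Assumption (simplified model): only a catch-all "-A INPUT -j DROP|REJECT"
# rule with no match options counts as shadowing the rules after it.
check_port_rule() {   # usage: check_port_rule PORT < rules
    awk -v port="$1" '
        $1 != "-A" || $2 != "INPUT" { next }      # skip policy lines, other chains
        { n++ }
        $3 == "-j" && ($4 == "DROP" || $4 == "REJECT") {
            if (!block) block = n                 # first catch-all terminating rule
            next
        }
        {
            tcp = 0; hit = 0; accept = 0
            for (i = 3; i < NF; i++) {
                if ($i == "-p" && $(i+1) == "tcp") tcp = 1
                if ($i == "--dport" && $(i+1) == port) hit = 1
                if ($i == "-j" && $(i+1) == "ACCEPT") accept = 1
            }
            if (tcp && hit && accept && !found) { found = n; shadowed = (block ? 1 : 0) }
        }
        END {
            if (!found) print "missing"
            else if (shadowed) print "shadowed"
            else print "reachable"
        }'
}

# Constructed sample: a typical default ruleset after
#   iptables -A INPUT -p tcp --dport 8080 -j ACCEPT   (appended at the end)
RULES_APPENDED='-P INPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT'
# Constructed sample: the same ruleset after
#   iptables -I INPUT -p tcp --dport 8080 -j ACCEPT   (inserted as rule 1)
RULES_INSERTED='-P INPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited'

printf 'appended: %s\n' "$(printf '%s\n' "$RULES_APPENDED" | check_port_rule 8080)"
printf 'inserted: %s\n' "$(printf '%s\n' "$RULES_INSERTED" | check_port_rule 8080)"
```

On a live host the same function can be fed real rules with `iptables -S INPUT | check_port_rule 8080` (run as root).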