防火墙 selinux
一般需要关闭防火墙,selinux使用
防火墙状态查询
#关闭防火墙
[root@localhost ~]# systemctl status firewalld #查询防火墙状态,默认开启状态
'● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since 一 2023-11-20 19:38:31 CST; 2min 0s ago
Docs: man:firewalld(1)
Main PID: 701 (firewalld)
CGroup: /system.slice/firewalld.service
└─701 /usr/bin/python2 -Es /usr/sbin/firewalld ...'
临时关闭防火墙
[root@localhost ~]# systemctl stop firewalld #临时关闭防火墙,开机后自动开启
#查询结果为'dead'表示临时关闭
'● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: inactive (dead) since 一 2023-11-20 19:41:49 CST; 6s ago
Docs: man:firewalld(1)
Process: 701 ExecStart=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS (code=exited, status=0/SUCCESS)
Main PID: 701 (code=exited, status=0/SUCCESS)'
永久关闭防火墙
[root@localhost ~]# systemctl disable firewalld #永久关闭防火墙
' Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.'
#查询为'loaded'表示永久关闭
'● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:firewalld(1)'
临时开启防火墙
#若设置防火墙关闭状态下需要打开防火墙
[root@localhost ~]# systemctl start firewalld #临时开启防火墙,重启后自动关闭
#查询结果为'loaded'下'running'
'● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: active (running) since 一 2023-11-20 19:52:28 CST; 3s ago
Docs: man:firewalld(1)
Main PID: 8307 (firewalld)
CGroup: /system.slice/firewalld.service
└─8307 /usr/bin/python2 -Es /usr/sbin/firewalld...'
永久开启防火墙
[root@localhost ~]# systemctl enable firewalld #永久开启防火墙
'Created symlink from /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service to /usr/lib/systemd/system/firewalld.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/firewalld.service to /usr/lib/systemd/system/firewalld.service.'
selinux查询
[root@localhost ~]# getenforce #查询selinux状态,默认开启状态
'Enforcing'
临时关闭selinux
[root@localhost ~]# setenforce 0 #临时关闭selinux
#查询结果
'Permissive'
永久关闭selinux
[root@localhost ~]# vim /etc/selinux/config #修改selinux配置文件
找到SELINUX='enforcing' 修改为'disabled'