Some commonly used day-to-day Linux firewall operations, written down so I don't have to hunt for them when I forget.
iptables
Start the firewall
sudo systemctl start iptables
Open a specific port
Set the port in the iptables file, save and exit, then restart the iptables service
# Edit the iptables file
sudo vim /etc/sysconfig/iptables
# Add the line below, which opens port 22
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
# Restart the service
sudo systemctl restart iptables
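Added example (not from the original note): iptables evaluates rules top-down, and the stock RHEL/CentOS rules file ends the INPUT chain with a catch-all REJECT, so the new line only takes effect if it sits above that rule. The script below places it there; `add_tcp_port` is a hypothetical helper name and the sample rules file is constructed for illustration.

```shell
#!/bin/sh
# add_tcp_port FILE PORT  (hypothetical helper, not part of iptables)
# Inserts the ACCEPT rule ahead of the first catch-all REJECT/DROP on INPUT.
add_tcp_port() {
    file=$1 port=$2
    # Accept only 1-5 digits in the range 1..65535.
    case $port in
        ''|*[!0-9]*|??????*) echo "invalid port: $port" >&2; return 2 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "invalid port: $port" >&2; return 2
    fi
    rule="-A INPUT -p tcp -m state --state NEW -m tcp --dport $port -j ACCEPT"
    # Idempotent: nothing to do if the exact rule is already in the file.
    if grep -qxF -e "$rule" "$file"; then return 0; fi
    tmp=$(mktemp) || return 1
    awk -v rule="$rule" '
        /^\*/ { infilter = ($0 == "*filter") }      # track the current table
        # Rules match top-down, so the new rule must precede the catch-all.
        !done && infilter && /^-A INPUT -j (REJECT|DROP)/ { print rule; done = 1 }
        # No catch-all: append at the end of the filter table instead.
        !done && infilter && /^COMMIT/ { print rule; done = 1 }
        { print }
        END { exit(done ? 0 : 1) }
    ' "$file" > "$tmp" || { rm -f "$tmp"; return 1; }
    # Keep a backup; write in place so owner, mode and SELinux label survive.
    cp -p "$file" "$file.bak" && cat "$tmp" > "$file"; rc=$?
    rm -f "$tmp"
    return $rc
}

# Constructed sample in the layout of /etc/sysconfig/iptables (not from the page).
demo=$(mktemp)
cat > "$demo" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
add_tcp_port "$demo" 22 && cat "$demo"
rm -f "$demo" "$demo.bak"
```

Before restarting the service, `sudo iptables-restore --test < /etc/sysconfig/iptables` parses the edited file without applying it.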
Check the firewall status
sudo systemctl status iptables
# Active: active (exited) means the service has been started
● iptables.service - IPv4 firewall with iptables
Loaded: loaded (/usr/lib/systemd/system/iptables.service; disabled; vendor preset: disabled)
Active: active (exited) since Wed 2021-02-24 17:07:30 CST; 5min ago
Main PID: 148524 (code=exited, status=0/SUCCESS)
CGroup: /system.slice/iptables.service
# Active: inactive (dead) means the service has been stopped
● iptables.service - IPv4 firewall with iptables
Loaded: loaded (/usr/lib/systemd/system/iptables.service; disabled; vendor preset: disabled)
Active: inactive (dead) since Wed 2021-02-24 17:12:56 CST; 6s ago
Process: 155758 ExecStop=/usr/libexec/iptables/iptables.init stop (code=exited, status=0/SUCCESS)
Main PID: 148524 (code=exited, status=0/SUCCESS)
Stop the firewall
sudo systemctl stop iptables
Start the service automatically at boot
# on enables automatic start at boot
sudo chkconfig iptables on
# off disables start at boot
sudo chkconfig iptables off
firewalld
Usually firewalld is turned off and iptables is used instead
# Check status
sudo systemctl status firewalld
# Start
sudo systemctl start firewalld
# Stop
sudo systemctl stop firewalld
# Disable start at boot
sudo systemctl disable firewalld