我有一个CentOS 7服务器,我打开了SNMP连接的端口.
即使我可以在这里看到端口打开:
[[email protected]_7_VM ~]$ sudo firewall-cmd --list-all
[sudo] password for matias:
public (active)
target: default
icmp-block-inversion: no
interfaces: ens33
sources:
services: ssh dhcpv6-client
ports: 80/tcp 10050/tcp 50000/tcp 161/tcp 160/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
当我试图从外面击中这个端口时,我总是得到关闭它.即使是nmap也同意这一点:
Starting Nmap 7.01 ( https://nmap.org ) at 2018-08-01 14:52 -03
Nmap scan report for Centos_7_VM (192.168.43.216)
Host is up (0.52s latency).
Not shown: 996 filtered ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
161/tcp closed snmp
50000/tcp closed ibm-db2
我还能做些什么来打开这些端口? (是的,当我最初打开端口时,我重新加载了firewalld.)
SNMP是UDP协议,而不是TCP协议.所以你需要打开UDP端口,即161 / udp.
更好的是,只需指定服务名称,firewalld将负责处理.
firewall-cmd --add-service=snmp