1、在Linux系统中查找并打开文2113件以编辑5261和配置防火墙,执行命令。4102:vi/etc/sysconfig/iptables。2、将以下语句添1653加到上面打开的文件中:-AINPUT-mstate-stateNEW-mtcp-ptcp-dport80-jACCEPT(允许端口80通过防火墙,这里以端口80为例)。请注意,上述语句不会加载文件的最后一面,这将导致防火墙无法启动。应将正确的一个添加到默认的22端口规则中。3、配置防火墙规则#Manualcustomizationofthisfileisnotrecommended.4、重启防火墙,使配置生效。/etc/init.d/iptablesrestart或者serviceiptablesrestart重启如下:扩展资料:查看防火墙规则是否生效:[root@localhostbin]#iptables-L-nChainINPUT(policyACCEPT)target protoptsource destination ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 stateRELATED,ESTABLISHED ACCEPT icmp-- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 stateNEWtcpdpt:22 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 stateNEWtcpdpt:80 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-withicmp-host-prohibited ChainFORWARD(policyACCEPT)target protoptsource destinationREJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-withicmp-host-prohibited ChainOUTPUT(policyACCEPT)target protoptsource destination参考资料:百度百科-防火墙
阅读全文 >