默认情况下Linux的防火墙都是在关闭状态下的
[root@test etc]# service iptables status
Firewall is stopped.
[root@test etc]#防火墙开通的情况
[root@test ~]# service iptables start
iptables: Applying firewall rules: [ OK ]
[root@test ~]# service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT all – 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
2 ACCEPT icmp – 0.0.0.0/0 0.0.0.0/0
3 ACCEPT all – 0.0.0.0/0 0.0.0.0/0
4 ACCEPT tcp – 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
5 REJECT all – 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
num target prot opt source destination
1 REJECT all – 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
[root@test ~]#
以上可以看出,防火墙开通的端口为22 state NEW tcp dpt:22
还有其他一些状态信息
开通特定端口,比如tcp 80 和 5666端口
[root@test ~]# iptables -I INPUT -p tcp –dport 80 -j ACCEPT保存并重启防火墙
[root@test ~]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables: [ OK ]
[root@test ~]# service iptables restart
iptables: Flushing firewall rules: [ OK ]
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Unloading modules: [ OK ]
iptables: Applying firewall rules: [ OK ]
[root@test ~]# service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT tcp – 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
2 ACCEPT all – 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
3 ACCEPT icmp – 0.0.0.0/0 0.0.0.0/0
4 ACCEPT all – 0.0.0.0/0 0.0.0.0/0
5 ACCEPT tcp – 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
6 REJECT all – 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
num target prot opt source destination
1 REJECT all – 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
端口80 已开通。同样的方式开通5666端口
扫一扫
650
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
