linux开通防火墙

1. linux 如何查看防火墙是否开启

详细步骤如下：

1、芹让数打开Linux系统进入桌面，点击上方菜单栏处【系统】选项；

2. linux阒茬伀澧欓厤缃

linux閰岖疆阒茬伀澧欐诲叡闇瑕4姝ユ搷浣滐纴链瑙嗛戦氲繃centos7绯荤粺𨱒ユ搷浣滐纴鍏蜂綋镄勬搷浣沧柟娉曞备笅锛
1
镓揿紑缂栬緫鏂囦欢
棣栧厛鍦↙inux绯荤粺涓镆ユ垒骞舵墦寮缂栬緫閰岖疆阒茬伀澧欑殑鏂囦欢銆 2
娣诲姞璇鍙
鍦ㄦ墦寮镄勬枃浠朵腑娣诲姞璇鍙ワ纴璇鍙ヤ竴瀹氲佸湪icmp-host-prohibited涔嫔墠銆 3
閲嶅惎阒茬伀澧
閲嶅惎阒茬伀澧欙纴浣块厤缃鐢熸晥锛屽叆锻戒护銆 4
镆ョ湅阒茬伀澧
镆ョ湅阒茬伀澧欐槸钖︾敓鏁堬纴杈揿叆锻戒护锛歩ptables -L -n銆 end 1 2 3 4
澹版槑锛氭湰缃戦〉鍐呭规棬鍦ㄤ紶鎾鐭ヨ瘑锛岃嫢链変镜𨱒幂瓑闂棰樿峰强镞朵笌链缃戣仈绯伙纴鎴戜滑灏嗗湪绗涓镞堕棿鍒犻櫎澶勭悊銆

3. linux阒茬伀澧椤叧闂鍜屽紑钖锻戒护linux阒茬伀澧椤叧闂

linux濡备綍鍏抽棴阒茬伀澧欙纻

rhel6鍏抽棴阒茬伀澧欑殑鏂规硶涓猴细serviceiptablesstatus镆ョ湅褰揿墠阒茬伀澧欑姸镐1.姘镐箙镐х敓鏁埚紑钖锛歝hkconfigiptableson鍏抽棴锛歝hkconfigiptablesoff2.鍗虫椂鐢熸晥锛岄吨钖钖庡け鏁埚紑钖锛歴erviceiptablesstart鍏抽棴锛歴erviceiptablesstoprhel7鍏抽棴阒茬伀澧欑殑鏂规硶妫钥呬负锛歴ystemctlstatusfirewalld镆ョ湅褰揿墠阒茬伀澧欑姸镐1.姘镐箙镐х敓鏁埚紑钖锛歴ystemctlenablefirewalld鍏抽棴锛歴ystemctldisablefirewalld2.鍗虫椂鐢熸晥锛岄吨钖钖庡け鏁埚紑钖锛歴ystemctlstartfirewalld鍏抽棴锛歴ystemctlstopfirewalld

linux濡备綍鍏抽棴nginx阒茬伀澧欙纻

Linux鍏抽棴Nginx阒茬伀澧欑殑锻戒护鏄锛氭や妇钖

firewall-cmd--remove-port=80/tcp--permanent

firewall-cmdreload

systemctlrestartfirewalld.service

linux6.0淇鏀归槻𨱔澧栾剧疆锛

鏀筁inux绯荤粺阒茬伀澧欓厤缃闇瑕佷慨鏀/etc/sysconfig/iptables杩欎釜鏂囦欢

vim/etc/sysconfig/iptables

鍦╲im缂栬緫鍣锛屼细鐪嫔埌涓嬬瓟镙搁溃镄勫唴瀹

#-config-firewall

#.

*filter

:INPUTACCEPT

:FORWARDACCEPT

:OUTPUTACCEPT

-AINPUT-mstate--stateESTABLISHED,RELATED-jACCEPT

-AINPUT-picmp-jACCEPT

-AINPUT-ilo-jACCEPT

-AINPUT-mstate--stateNEW-mtcp-ptcp--dport22-jACCEPT

-AINPUT-mstate--stateNEW-mtcp-ptcp--dport8080-jACCEPT

-AINPUT-mstate--stateNEW-mtcp-ptcp--dport3306-jACCEPT

-AINPUT-mstate--stateNEW-mtcp-ptcp--dport2181-jACCEPT

-AINPUT-jREJECT--reject-withicmp-host-prohibited

-AFORWARD-jREJECT--reject-withicmp-host-prohibited

COMMIT

闇瑕佸紑鏀剧鍙ｏ纴璇峰湪閲岄溃娣诲姞涓𨱒′竴涓嫔唴瀹瑰嵆鍙:

-ARH-Firewall-1-INPUT-mstate--stateNEW-mtcp-ptcp--dport1521-jACCEPT

鍏朵腑1521鏄瑕佸紑鏀剧殑绔鍙ｅ彿锛岀劧钖庨吨鏂板惎锷╨inux镄勯槻𨱔澧欐湇锷°

Linux涓嫔仠姝/钖锷ㄩ槻𨱔澧欐湇锷＄殑锻戒护(root鐢ㄦ埛浣跨敤)锛

serviceiptablesstop--锅沧

serviceiptablesstart--钖锷

鍐椤湪链钖:

#姘镐箙镐х敓鏁堬纴閲嶅惎钖庝笉浼氩嶅师

chkconfigiptableson#寮钖

chkconfigiptablesoff#鍏抽棴

#鍗虫椂鐢熸晥锛岄吨钖钖庡嶅师

serviceiptablesstart#寮钖

serviceiptablesstop#鍏抽棴

Linux鍐呮牳鎻愪緵阒茬伀澧椤悧锛

鎻愪緵

SElinux鏄锘轰簬鍐呮牳寮鍙戝嚭𨱒ョ殑涓绉嶅畨鍏ㄦ満鍒讹纴琚绉颁箣涓哄唴镙哥骇锷犲己鍨嬮槻𨱔澧欙纴链夊姏镄勬彁鍗囦简绯荤粺镄勫畨鍏ㄦс

SElinux镄勪綔鐢ㄥ垎涓轰袱鏂归溃锛1.鍦ㄦ湇锷′笂闱㈠姞涓婃爣绛撅绂2.鍦ㄥ姛鑳戒笂闱㈤檺鍒跺姛鑳

鍦╨inux绯荤粺涓浣跨敤getenforce锻戒护鍙浠ユ煡鐪媠elinux镄勭姸镐侊细

disabled涓哄叧闂鐘舵侊纴瀵规湇锷″拰锷熻兘閮芥病链夐檺鍒

enforcing涓哄己鍒剁姸镐侊纴瀵规湇锷″拰锷熻兘閮借繘琛岄檺鍒

linux涓镐庢牱镆ョ湅阒茬伀澧欐槸钖﹀叧闂浜嗭纻

璇︾粏姝ラゅ备笅锛

1銆佹墦寮Linux绯荤粺杩涘叆妗岄溃锛岀偣鍑讳笂鏂硅彍鍗曟爮澶勚愮郴缁熴戦夐”锛

2銆佸湪寮瑰嚭镄勮彍鍗曟爮涓锛屼緷娆＄偣鍑汇愮＄悊銆戯纴銆愰槻𨱔澧欍戦夐”锛

3銆佽繘鍏ラ槻𨱔澧欑晫闱锛岃緭鍏ョ敤鎴峰瘑镰侊纴杩涜屽畨鍏ㄩ獙璇侊绂

4銆佽繛鎺ユ湇锷″櫒钖庯纴杈揿叆璇鍙モ荣erviceiptablesstatus钬欙纴锲炶溅锛屼细鏄剧ず阒茬伀澧欑姸镐侊绂

5銆佽緭鍏ヨ鍙モ榗hkconfigiptableson钬欙纴鍙浠ュ紑钖阒茬伀澧欍傛垨钥呬娇鐢ㄨ鍙モ榗hkconfigiptablesoff钬欙纴鍏抽棴阒茬伀澧欙纴闇瑕侀吨钖钖庣敓鏁堛