centos 7 防火牆和端口配置
--解決 RHEL 7/ CentOS 7/Fedora 出現Unit iptables.service failed to load
# 第一步,關閉firewall:
CentOS 7.0默認使用的是firewall作為防火牆,這里改為iptables防火牆。
systemctl stop firewalld.service #停止firewall
systemctl disable firewalld.service #禁止firewall開機啟動
# 第二步,安裝iptables-services:
yum install iptables-services
# 第三步,啟用iptables-services:
root@vm-xiluhua ~# systemctl enable iptables #啟用
Created symlink from /etc/systemd/system/basic.target.wants/iptables.service to /usr/lib/systemd/system/iptables.service.
root@vm-xiluhua ~# service iptables status #查看狀態
Redirecting to /bin/systemctl status iptables.service
● iptables.service - IPv4 firewall with iptables
Loaded: loaded (/usr/lib/systemd/system/iptables.service; enabled; vendor preset: disabled)
Active: inactive (dead)
root@vm-xiluhua ~# service iptables start #啟動
Redirecting to /bin/systemctl start iptables.service
root@vm-xiluhua ~# service iptables status
Redirecting to /bin/systemctl status iptables.service
● iptables.service - IPv4 firewall with iptables
Loaded: loaded (/usr/lib/systemd/system/iptables.service; enabled; vendor preset: disabled)
Active: active (exited) since 一 2016-10-03 15:41:24 CST; 8s ago
Process: 9913 ExecStart=/usr/libexec/iptables/iptables.init start (code=exited, status=0/SUCCESS)
Main PID: 9913 (code=exited, status=0/SUCCESS)
10月 03 15:41:24 vm-xiluhua systemd[1]: Starting IPv4 firewall with iptables...
10月 03 15:41:24 vm-xiluhua iptables.init[9913]: iptables: Applying firewall rules: [ 確定 ]
10月 03 15:41:24 vm-xiluhua systemd[1]: Started IPv4 firewall with iptables.
# 第4步,執行iptables命令開啟或關閉端口
# 開啟
iptables -A INPUT -p tcp --dport 3690 -j ACCEPT;
# 關閉
iptables -A INPUT -p tcp --dport 3690 -j DROP
# 查看是否有端口3690的配置,並顯示行號
iptables -L -n --line-number | grep 3690
# 按行號刪除,開啟或關閉
iptables -D INPUT 1
#保存規則到iptables,重啟配置依然有效
root@vm-xiluhua ~# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ 確定 ]
