2018-10-11
切換到iptables首先應該關掉默認的firewalld,然后安裝iptables服務
1、關閉firewall:
service firewalld stop
systemctl disable firewalld.service #禁止firewall開機啟動
2、安裝iptables防火牆
yum install iptables-services -y#安裝
3、編輯iptables防火牆配置
vi /etc/sysconfig/iptables #編輯防火牆配置文件
下邊是一個完整的配置文件:
Firewall configuration written by system-config-firewall Manual customization of this file is not recommended. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 10999 -j ACCEPT (10999是修改的ssh端口)-A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT
:wq! #保存退出
service iptables start #開啟
systemctl enable iptables.service #設置防火牆開機啟動
4、修改ssh默認端口
vi /etc/ssh/sshd_config Port 10999 #將注釋打開,並且將默認的端口22修改為需要的端口號 #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress ::
重啟ssh服務
systemctl restart sshd
完成之后即可使用修改之后的端口登錄服務器