1,关闭并停掉firewall[root@localhost ~]# systemctl stop firewalld.service[root@localhost ~]# systemctl disable firewalld.service2,安装iptables[root@localhost ~]# yum install iptables-services[root@localhost ~]# systemctl enable iptables.service[root@localhost ~]# systemctl restart firewalld.service[root@localhost ~]# cat /etc/sysconfig/iptables# sample configuration for iptables service# you can edit this manually or use system-config-firewall# please do not ask us to add additional ports/services to this default configuration*filter:INPUT ACCEPT [0:0]:FORWARD ACCEPT [0:0]:OUTPUT ACCEPT [0:0]-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT-A INPUT -p icmp -j ACCEPT-A INPUT -i lo -j ACCEPT-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT #允许-A INPUT -p tcp -m state --state NEW -m tcp --dport 23 -j ACCEPT-A INPUT -p udp -m state --state NEW -m udp --dport 6970 -j DROP #禁止-A INPUT -p udp -m state --state NEW -m udp --dport 6971 -j DROP#-A INPUT -j REJECT --reject-with icmp-host-prohibited#-A FORWARD -j REJECT --reject-with icmp-host-prohibitedCOMMIT[root@localhost ~]# 3,关闭selinux[root@localhost ~]# setenforce 0 #使配置立即生效[root@localhost ~]# vim /etc/selinux/config#SELINUX=enforcing #注释掉#SELINUXTYPE=targeted #注释掉SELINUX=disabled #增加(责任编辑:IT) |