centos 7 中防火墙的关闭问题
时间:2014-11-02 11:13 来源:linux.it.net.cn 作者:IT网
新安装的centos 7 发现有些程序端口是关闭的,想到了防火墙和selinux
selinx 好关闭 /etc/sysconfig/selinux 中 追加 SELINUX=disabled
防火墙以为也是很好弄,按照以前的老规矩,service iptables stop 或者 chkconfig --level 35 iptables off
重启后 运行 systemctl list-unit-files | grep ip 发现还有个ip6tables 没关 chkconfig --level 35 ip6tables off
再运行 systemctl list-unit-files | grep ip 发现全部都disables 还是不通
没办法,只有添加规则了,tptables -I INPUT 1 -p tcp --dport 6259 -j ACCEPT
然后service iptables save 端口通了
我想这个是不是个BUG , 也许我没有找到方法,请告知
Centos7中的防火墙调整为firewalld,试一下systemctl stop firewalld关闭防火墙。
I installed CentOS 7 with minimal configuration (os + dev tools). I am trying to open 80 port for httpd
service, but something wrong with my iptables service ... what's wrong with it? What am I doing wrong?
# ifconfig/sbin/service iptables save
bash: ifconfig/sbin/service: No such file or directory
# /sbin/service iptables save
The service command supports only basic LSB actions (start, stop, restart, try-restart, reload, force-reload, status). For other actions, please try to use systemctl.
# sudo service iptables status
Redirecting to /bin/systemctl status iptables.service
iptables.service
Loaded: not-found (Reason: No such file or directory)
Active: inactive (dead)
# /sbin/service iptables save
The service command supports only basic LSB actions (start, stop, restart, try-restart, reload, force-reload, status). For other actions, please try to use systemctl.
# sudo service iptables start
Redirecting to /bin/systemctl start iptables.service
Failed to issue method call: Unit iptables.service failed to load: No such file or directory.
With RHEL 7 / CentOS 7, firewalld was introduced to manage iptables. IMHO, firewalld is more suited for workstations than for server environments.
It is possible to go back to a more classic iptables setup. First, stop and mask the firewalld service:
systemctl stop firewalld
systemctl mask firewalld
Then, install the iptables-services package:
yum install iptables-services
Enable the service at boot-time:
systemctl enable iptables
Managing the service
systemctl [stop|start|restart] iptables
Saving your firewall rules can be done as follows:
service iptables save
or
/usr/libexec/iptables/iptables.init save
(责任编辑:IT)
新安装的centos 7 发现有些程序端口是关闭的,想到了防火墙和selinux
selinx 好关闭 /etc/sysconfig/selinux 中 追加 SELINUX=disabled
防火墙以为也是很好弄,按照以前的老规矩,service iptables stop 或者 chkconfig --level 35 iptables off
重启后 运行 systemctl list-unit-files | grep ip 发现还有个ip6tables 没关 chkconfig --level 35 ip6tables off
再运行 systemctl list-unit-files | grep ip 发现全部都disables 还是不通
没办法,只有添加规则了,tptables -I INPUT 1 -p tcp --dport 6259 -j ACCEPT
然后service iptables save 端口通了
我想这个是不是个BUG , 也许我没有找到方法,请告知
Centos7中的防火墙调整为firewalld,试一下systemctl stop firewalld关闭防火墙。
I installed CentOS 7 with minimal configuration (os + dev tools). I am trying to open 80 port for httpd service, but something wrong with my iptables service ... what's wrong with it? What am I doing wrong?
With RHEL 7 / CentOS 7, firewalld was introduced to manage iptables. IMHO, firewalld is more suited for workstations than for server environments.
It is possible to go back to a more classic iptables setup. First, stop and mask the firewalld service:
Then, install the iptables-services package:
Enable the service at boot-time:
Managing the service
Saving your firewall rules can be done as follows:
or
(责任编辑:IT) |