一、firewalld
systemctl status firewalld //查看状态
systemctl stop firewalld //临时关闭
systemctl disable firewalld //永久关闭
二、iptables
yum install iptables-services // 安装
systemctl enable iptables.service //相当于以前的chkconfig iptables on
systemctl start iptables.service //开启服务
systemctl status iptables.service //查看状态
service iptables save && systemctl restart iptables.service //重启防火墙
三、case
iptables -I INPUT -p tcp --dport 80 -j DROP //关闭所有的80端口
iptables -I INPUT -s 192.168.1.0/24 -p tcp --dport 80 -j ACCEPT //开启ip段192.168.1.0/24端的80口
iptables -I INPUT -s 211.123.16.123/24 -p tcp --dport 80 -j ACCEPT //开启ip段211.123.16.123/24端ip段的80口
iptables -I INPUT -s 58.241.16.252 -p tcp --dport 33600 -j ACCEPT //向58.241.16.252开放33600端口
iptabels -A INPUT -p tcp -s 10.10.11.0/24 --dport 1024:65535-j ACCEPT //端口范围开通
四、doc
https://cloud.tencent.com/developer/article/1404092
https://www.cnblogs.com/clouders/p/6544584.html
https://www.cnblogs.com/kreo/p/4368811.html
http://www.zsythink.net/archives/1199/
网友评论