如何解決centos防火墻無法啟動

如何解決centos防火墻無法啟動

如何解決centos防火墻無法啟動?

centos防火墻無法啟動,在線服務器都需要開啟防火墻服務,這是linux系統安全防護最直接有效方式。

1、如果出現?

service?iptables?start? service?iptables?restart

無法啟動/重啟防火墻時。

2、最佳的方法是修改配置文件

vi?/etc/sysconfig/iptables [plain]?view?plaincopy #?Firewall?configuration?written?by?system-config-firewall?? #?Manual?customization?of?this?file?is?not?recommended.?? *filter?? :INPUT?ACCEPT?[0:0]?? :FORWARD?ACCEPT?[0:0]?? :OUTPUT?ACCEPT?[0:0]?? -A?INPUT?-m?state?--state?ESTABLISHED,RELATED?-j?ACCEPT?? -A?INPUT?-p?icmp?-j?ACCEPT?? -A?INPUT?-i?lo?-j?ACCEPT?? -A?INPUT?-m?state?--state?NEW?-m?tcp?-p?tcp?--dport?22?-j?ACCEPT?? -A?INPUT?-j?REJECT?--reject-with?icmp-host-prohibited?? -A?FORWARD?-j?REJECT?--reject-with?icmp-host-prohibited?? COMMIT

然后再啟動防火墻

service?iptables?start

查看防火墻服務

service?iptables?status

3、如果需要開啟例外端口則,增加如下配置:

vi?/etc/sysconfig/iptables? [plain]?view?plaincopy #?Firewall?configuration?written?by?system-config-firewall?? #?Manual?customization?of?this?file?is?not?recommended.?? *filter?? :INPUT?ACCEPT?[0:0]?? :FORWARD?ACCEPT?[0:0]?? :OUTPUT?ACCEPT?[0:0]?? -A?INPUT?-m?state?--state?ESTABLISHED,RELATED?-j?ACCEPT?? -A?INPUT?-p?icmp?-j?ACCEPT?? -A?INPUT?-i?lo?-j?ACCEPT?? -A?INPUT?-m?state?--state?NEW?-m?tcp?-p?tcp?--dport?22?-j?ACCEPT?? -A?INPUT?-m?state?--state?NEW?-m?tcp?-p?tcp?--dport?3306?-j?ACCEPT?? -A?INPUT?-j?REJECT?--reject-with?icmp-host-prohibited?? -A?FORWARD?-j?REJECT?--reject-with?icmp-host-prohibited?? COMMIT

如上,增加了3306服務端口

如果需要關閉防火墻自動啟動則

查看狀態

chkconfig?--list?iptables

關閉自動啟動

chkconfig?iptables?off

查看狀態

chkconfig?--list?iptables

相關參考:centOS教程

以上就是如何解決

? 版權聲明
THE END
喜歡就支持一下吧
點贊8 分享