如何解決centos防火墻無法啟動?
centos防火墻無法啟動,在線服務器都需要開啟防火墻服務,這是linux系統安全防護最直接有效方式。
1、如果出現?
service?iptables?start? service?iptables?restart
無法啟動/重啟防火墻時。
2、最佳的方法是修改配置文件
vi?/etc/sysconfig/iptables [plain]?view?plaincopy #?Firewall?configuration?written?by?system-config-firewall?? #?Manual?customization?of?this?file?is?not?recommended.?? *filter?? :INPUT?ACCEPT?[0:0]?? :FORWARD?ACCEPT?[0:0]?? :OUTPUT?ACCEPT?[0:0]?? -A?INPUT?-m?state?--state?ESTABLISHED,RELATED?-j?ACCEPT?? -A?INPUT?-p?icmp?-j?ACCEPT?? -A?INPUT?-i?lo?-j?ACCEPT?? -A?INPUT?-m?state?--state?NEW?-m?tcp?-p?tcp?--dport?22?-j?ACCEPT?? -A?INPUT?-j?REJECT?--reject-with?icmp-host-prohibited?? -A?FORWARD?-j?REJECT?--reject-with?icmp-host-prohibited?? COMMIT
然后再啟動防火墻
service?iptables?start
查看防火墻服務
service?iptables?status
3、如果需要開啟例外端口則,增加如下配置:
vi?/etc/sysconfig/iptables? [plain]?view?plaincopy #?Firewall?configuration?written?by?system-config-firewall?? #?Manual?customization?of?this?file?is?not?recommended.?? *filter?? :INPUT?ACCEPT?[0:0]?? :FORWARD?ACCEPT?[0:0]?? :OUTPUT?ACCEPT?[0:0]?? -A?INPUT?-m?state?--state?ESTABLISHED,RELATED?-j?ACCEPT?? -A?INPUT?-p?icmp?-j?ACCEPT?? -A?INPUT?-i?lo?-j?ACCEPT?? -A?INPUT?-m?state?--state?NEW?-m?tcp?-p?tcp?--dport?22?-j?ACCEPT?? -A?INPUT?-m?state?--state?NEW?-m?tcp?-p?tcp?--dport?3306?-j?ACCEPT?? -A?INPUT?-j?REJECT?--reject-with?icmp-host-prohibited?? -A?FORWARD?-j?REJECT?--reject-with?icmp-host-prohibited?? COMMIT
如上,增加了3306服務端口
如果需要關閉防火墻自動啟動則
查看狀態
chkconfig?--list?iptables
關閉自動啟動
chkconfig?iptables?off
查看狀態
chkconfig?--list?iptables
相關參考:centOS教程
? 版權聲明
文章版權歸作者所有,未經允許請勿轉載。
THE END
喜歡就支持一下吧
相關推薦