怎样解决centos防火墙没法启动

怎样解决centos防火墙没法启动？

CentOS防火墙没法启动，在线效劳器都需要开启防火墙效劳，这是linux系统平安防护最直接有效方式。

1、假如显现

service iptables start 
service iptables restart

没法启动/重新启动防火墙时。

2、最好的办法是修改配置文件

vi /etc/sysconfig/iptables
[plain] view plaincopy
# Firewall configuration written by system-config-firewall  
# Manual customization of this file is not recommended.  
*filter  
:INPUT ACCEPT [0:0]  
:FORWARD ACCEPT [0:0]  
:OUTPUT ACCEPT [0:0]  
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT  
-A INPUT -p icmp -j ACCEPT  
-A INPUT -i lo -j ACCEPT  
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT  
-A INPUT -j REJECT --reject-with icmp-host-prohibited  
-A FORWARD -j REJECT --reject-with icmp-host-prohibited  
COMMIT

然后再启动防火墙

service iptables start

查看防火墙效劳

service iptables status

3、假如需要开启例外端口则，增添如下配置：

vi /etc/sysconfig/iptables 
[plain] view plaincopy
# Firewall configuration written by system-config-firewall  
# Manual customization of this file is not recommended.  
*filter  
:INPUT ACCEPT [0:0]  
:FORWARD ACCEPT [0:0]  
:OUTPUT ACCEPT [0:0]  
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT  
-A INPUT -p icmp -j ACCEPT  
-A INPUT -i lo -j ACCEPT  
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT  
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT  
-A INPUT -j REJECT --reject-with icmp-host-prohibited  
-A FORWARD -j REJECT --reject-with icmp-host-prohibited  
COMMIT

如上，增添了3306效劳端口

假如需要关闭防火墙主动启动则

查看状态

chkconfig --list iptables

关闭主动启动

chkconfig iptables off

查看状态

chkconfig --list iptables

相关参照 ：centOS教程

以上就是怎样解决centos防火墙没法启动的具体内容，更多请关注百分百源码网其它相关文章！