怎样解决centos防火墙没法启动
发布时间:09/01 来源:未知 浏览:
关键词:
怎样解决centos防火墙没法启动?
CentOS防火墙没法启动,在线效劳器都需要开启防火墙效劳,这是linux系统平安防护最直接有效方式。
1、假如显现
service iptables start service iptables restart
没法启动/重新启动防火墙时。
2、最好的办法是修改配置文件
vi /etc/sysconfig/iptables [plain] view plaincopy # Firewall configuration written by system-config-firewall # Manual customization of this file is not recommended. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT
然后再启动防火墙
service iptables start
查看防火墙效劳
service iptables status
3、假如需要开启例外端口则,增添如下配置:
vi /etc/sysconfig/iptables [plain] view plaincopy # Firewall configuration written by system-config-firewall # Manual customization of this file is not recommended. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT
如上,增添了3306效劳端口
假如需要关闭防火墙主动启动则
查看状态
chkconfig --list iptables
关闭主动启动
chkconfig iptables off
查看状态
chkconfig --list iptables
相关参照 :centOS教程
以上就是怎样解决centos防火墙没法启动的具体内容,更多请关注百分百源码网其它相关文章!