Linux iptables firewall: opening ports, rejecting ports, and


Date: 2016-01-14 17:21


I am using Fedora 14.

1. List the ports already opened in the iptables firewall: /etc/init.d/iptables status

[[email protected] ~]#/etc/rc.d/init.d/iptables status or service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:3306

Chain FORWARD (policy ACCEPT)
num target prot opt source destination

Chain OUTPUT (policy ACCEPT)
num target prot opt source destination

 

2. Open TCP port 8080

/sbin/iptables -I INPUT -p tcp --dport 8080 -j ACCEPT

/etc/rc.d/init.d/iptables save or service iptables save # save the configuration
/etc/rc.d/init.d/iptables restart or service iptables restart # restart the service

[[email protected] ~]# /sbin/iptables -I INPUT -p tcp --dport 8080 -j ACCEPT
[[email protected] ~]# /etc/rc.d/init.d/iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
[[email protected] ~]# /etc/rc.d/init.d/iptables restart
iptables: Flushing firewall rules: [ OK ]
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Unloading modules: [ OK ]
iptables: Applying firewall rules: [ OK ]

[[email protected] ~]# service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8080
2 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:3306

3. Delete rule 1 from the INPUT chain:

[[email protected] ~]# iptables -D INPUT 1
[[email protected] ~]# service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:3306

Chain FORWARD (policy ACCEPT)
num target prot opt source destination

Chain OUTPUT (policy ACCEPT)
num target prot opt source destination

4. Reject a specific port:

[[email protected] ~]# /sbin/iptables -I INPUT -p tcp --dport 8080 -j REJECT
[[email protected] ~]# service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8080 reject-with icmp-port-unreachable
2 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:3306

Chain FORWARD (policy ACCEPT)
num target prot opt source destination

Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
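
Added example, not part of the original article: rules in a chain are checked top to bottom and the first match decides, which is why -I (insert at position 1) takes effect ahead of existing rules, and with policy ACCEPT any port that no rule mentions is still reachable. The verdict helper and rule 3 of the sample listing are constructed for illustration; the helper only understands any-source rules with an optional dpt: match, as in the listings above.

```shell
# Sample listing: the step 4 output plus a constructed rule 3 (ACCEPT 8080)
# to show that a later rule never overrides an earlier match.
LISTING='Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8080 reject-with icmp-port-unreachable
2 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:3306
3 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8080

Chain FORWARD (policy ACCEPT)
num target prot opt source destination'

# verdict PORT  (hypothetical helper, reads a numbered listing on stdin)
# Prints "rule N TARGET" for the first INPUT rule that settles tcp PORT,
# or "policy TARGET" when no rule matches and the chain policy decides.
verdict() {
  awk -v port="$1" '
    /^Chain / {
      in_input = ($2 == "INPUT")
      if (in_input) { policy = $4; sub(/\)/, "", policy) }
      next
    }
    # Skip other chains, headers and blank lines.
    !in_input || $1 !~ /^[0-9]+$/ { next }
    # Only terminating targets end the walk.
    $2 !~ /^(ACCEPT|REJECT|DROP)$/ { next }
    # Out of scope: rules limited to a source, destination or other protocol.
    ($3 != "tcp" && $3 != "all") || $5 != "0.0.0.0/0" || $6 != "0.0.0.0/0" { next }
    {
      hit = 1
      for (i = 7; i <= NF; i++)
        if ($i ~ /^dpt:/ && substr($i, 5) != port) hit = 0
      if (hit) { print "rule " $1 " " $2; found = 1; exit }
    }
    END { if (!found) print "policy " policy }
  '
}

# 8080 is settled by rule 1, so rule 3 is dead; 22 falls through to the policy.
for p in 8080 3306 22; do
  printf 'tcp/%s -> %s\n' "$p" "$(printf '%s\n' "$LISTING" | verdict "$p")"
done
```

On a live host the same check can read the output of service iptables status instead of the embedded sample.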
