TShopping

 找回密碼
 註冊
搜索
查看: 753|回復: 0
打印 上一主題 下一主題

[CentOS] CentOS 8 如何關閉firewalld 並打開iptables

[複製鏈接]
跳轉到指定樓層
1#
發表於 2022-12-11 18:58:33 | 只看該作者 回帖獎勵 |倒序瀏覽 |閱讀模式
 
Push to Facebook
停止及關閉firewalld
1. To begin with, you should disable Firewalld and make sure it does not start at boot again.

  1. systemctl stop firewalld
  2. systemctl disable firewalld
複製代碼

2. Masking the firewalld service creates a symlink from /etc/systemd/system/firewalld.service to /dev/null thus disabling the firewalld service.


  1. systemctl mask firewalld
複製代碼

Created symlink from /etc/systemd/system/firewalld.service to /dev/null.

安裝iptables
Install and configure iptables
1. To enable iptables, first we have to install the “iptables-services” package.

  1. yum install iptables-services
複製代碼

2. Start and enable the iptables service to be enabled at boot automatically.

  1. systemctl start iptables
  2. systemctl enable iptables
複製代碼

Check to see if any rules are left behind from firewalld. By default a fresh intall of iptables would have iptables rules as shown below.

  1. iptables -L
  2. Chain INPUT (policy ACCEPT)
  3. target     prot opt source               destination         
  4. ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
  5. ACCEPT     icmp --  anywhere             anywhere            
  6. ACCEPT     all  --  anywhere             anywhere            
  7. ACCEPT     tcp  --  anywhere             anywhere             state NEW tcp dpt:ssh
  8. REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited

  9. Chain FORWARD (policy ACCEPT)
  10. target     prot opt source               destination         
  11. REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited

  12. Chain OUTPUT (policy ACCEPT)
  13. target     prot opt source               destination         
複製代碼

清除規則
Clearing leftover firewalld rules
1. If needed you can clear iptables rules left over from firewalld with the following commands.

  1. iptables -t nat -F
  2. iptables -t mangle -F
  3. iptables -F
  4. iptables -X
  5. service iptables save
複製代碼

2. Post running the above commands you would get an empty iptable rules as shown below.
  1. iptables -L
  2. Chain INPUT (policy ACCEPT)
  3. target     prot opt source               destination         

  4. Chain FORWARD (policy ACCEPT)
  5. target     prot opt source               destination         

  6. Chain OUTPUT (policy ACCEPT)
  7. target     prot opt source               destination         
複製代碼



參考文章
https://www.thegeekdiary.com/how ... s-in-centos-rhel-7/

 

臉書網友討論
*滑块验证:
您需要登錄後才可以回帖 登錄 | 註冊 |

本版積分規則



Archiver|手機版|小黑屋|免責聲明|TShopping

GMT+8, 2024-11-1 06:54 , Processed in 0.089557 second(s), 23 queries .

本論壇言論純屬發表者個人意見,與 TShopping綜合論壇 立場無關 如有意見侵犯了您的權益 請寫信聯絡我們。

Powered by Discuz! X3.2

© 2001-2013 Comsenz Inc.

快速回復 返回頂部 返回列表