侧边栏壁纸
博主头像
★街角晚灯★博主等级

博观而约取 厚积而薄发

  • 累计撰写 438 篇文章
  • 累计创建 181 个标签
  • 累计收到 0 条评论

目 录CONTENT

文章目录

CentOS6 配置防火墙开启80端口、3306端口

WinJay
2014-05-21 / 0 评论 / 0 点赞 / 166 阅读 / 1342 字 / 正在检测是否收录...
温馨提示:
文章发布较早,内容可能过时,阅读注意甄别。。。。

title: 'CentOS6 配置防火墙开启80端口、3306端口' date: '2014-05-21T11:00:17+08:00'


[root@CentOS ~]# vim /etc/sysconfig/iptables

-A INPUT -m state –state NEW -m tcp -p tcp –dport 80 -j ACCEPT			# 允许80端口通过防火墙 
-A INPUT -m state –state NEW -m tcp -p tcp –dport 3306 -j ACCEPT		# 允许3306端口通过防火墙

**特别提示:很多网友把这两条规则添加到防火墙配置的最后一行,导致防火墙启动失败,正确的应该是添加到默认的22端口这条规则的下面 ** 添加好之后防火墙规则如下所示:

\###################################### 
\# Firewall configuration written by system-config-firewall
\# Manual customization of this file is not recommended.
:INPUT ACCEPT \[0:0\]
:FORWARD ACCEPT \[0:0\] 
:OUTPUT ACCEPT \[0:0\]
-A INPUT -m state –state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state –state NEW -m tcp -p tcp –dport 22 -j ACCEPT
-A INPUT -m state –state NEW -m tcp -p tcp –dport 80 -j ACCEPT
-A INPUT -m state –state NEW -m tcp -p tcp –dport 3306 -j ACCEPT
-A INPUT -j REJECT –reject-with icmp-host-prohibited
-A FORWARD -j REJECT –reject-with icmp-host-prohibited
COMMIT
\#####################################

最后重启防火墙使配置生效

/etc/init.d/iptables restart

查看打开的端口:

# /etc/init.d/iptables status

关闭防火墙:

#  /etc/init.d/iptables stop
0
  1. qrcode alipay
  2. qrcode weixin

评论区