CentOS 7.x iptables Firewall Configuration
Systemctl stop firewalld. service # stop firewall
Systemctl disable firewalld. service
# Disable firewall from starting sudo yum install iptables-services
# Install iptables firewall sudo systemctl enable iptables
# Set iptables to boot vi/etc/sysconfig/iptables
# Edit the Firewall configuration file # firewall configuration written by system-config-Firewall # Manual customization of this file is not recommended.
* Filter
: Input accept [0: 0]
: Forward accept [0: 0]
: Output accept [0: 0]
-A input-m state -- state ESTABLISHED, RELATED-j ACCEPT
-A input-p icmp-j ACCEPT
-A input-I lo-j ACCEPT
-A input-m state -- state NEW-m tcp-p tcp -- dport 22-j ACCEPT
-A input-m state -- state NEW-m tcp-p tcp -- dport 80-j ACCEPT
-A input-m state -- state NEW-m tcp-p tcp -- dport 3306-j ACCEPT
-A input-j REJECT -- reject-with icmp-host-prohibited-a forward-j REJECT -- reject-with icmp-host-prohibited
COMMIT: wq!
# Save and exit systemctl restart iptables. service
# Restart the firewall to make the configuration take effect. systemctl enable iptables. service
# Set firewall startup