The lesson of blood---attention in work (not finished)

matters of attention in the work

1. do not execute: yum-y remove python or rpm-e python--nodeps

Because Yum is written in Python, if you uninstall Python, Yum will no longer be able to use the

If you want to compile and install the new version of Python, do not uninstall the Python from CentOS, do not care about it.

2, do not do: iptables-f

Because if the default rule for the input chain in your filter table is that all requests are rejected, it's done.

[Email protected] ~]# iptables-l

Chain INPUT (policy DROP)

Target Prot opt source destination

ACCEPT TCP--anywhere anywhere TCP DPT:SSH

ACCEPT TCP--Anywhere anywhere state NEW TCP Dpt:http

ACCEPT TCP--Anywhere anywhere state NEW TCP Dpt:zabbix-trapper

ACCEPT TCP--Anywhere anywhere state NEW TCP dpt:zabbix-agent

Chain FORWARD (Policy ACCEPT)

Target Prot opt source destination

Chain OUTPUT (Policy ACCEPT)

Target Prot opt source destination

ACCEPT TCP--Anywhere anywhere state NEW TCP dpt:zabbix-agent

As above: if it is input (policy DROP), when we execute iptables-f, clear all the rules, the default input chain all requests are rejected, so 22 port will also be rejected, you cannot telnet

Correct practice : First iptables-l, if not DROP again iptables-f, if first execute iptables-p INPUT ACCEPT, then iptables-f empty

This article is from the "See" blog, please be sure to keep this source http://732233048.blog.51cto.com/9323668/1637208

The lesson of blood---attention in work (not finished)