CentOS Port shutdown and open command

1 Check the currently developed ports

#netstat-an

Suppose you found an unnecessary port of 631.

2 Find the port corresponding service

#lsof-I: 631

631 The corresponding service is CUPSD

3 View all Current services

#chkconfig –list

Found CUPSD's service name is Cups

4 Off Service

#/sbin/service Cups stop

5 Shutdown Service Auto start

If cups is started automatically with the server, you will also need to set the cups service to off.

#/sbin/chkconfig cups off

6. Close a port

1 through the Iptables tool to prohibit the port, such as:

"~$ sudo iptables-a input-p tcp--dport $PORT-j DROP"
"~$ sudo iptables-a output-p tcp--dport $PORT-j DROP"

2) or turn off the corresponding application, the port will naturally shut down, such as:

"~$ kill-9 pid" (PID: Process number)
such as: Through "~$ NETSTAT-ANP | grep ssh "
Show: TCP 0 127.0.0.1:2121 0.0.0.0:* LISTEN 7546/ssh
Then: "~$ kill-9 7546"

(You can view the open state of the system service through "~$ Chkconfig")

7. Open port

Iptables-a input-p TCP--dport 111-j ACCEPT


8. Develop discontinuous ports (including single):

Iptables-a input-p tcp-m multiport--dport 21,20-j
Others are closed:
Iptables-a input-p tcp-j REJECT--reject-with tcp-reset
Open Continuous Ports:
Iptables-a rh-firewall-1-input-m State--state new-m udp-p UDP--dport 8001:8140-j ACCEPT
can also directly modify the/etc/sysconfig/iptables, how to write, reference has begun mouth, or according to the above command to fill out

Reboot Iptables
Service Iptables Restart