When installing the CentOS Operating system, if the firewall (iptables) service is not enabled when you configure the system for the first time, the system will not automatically generate the iptables configuration file. To enable the firewall service in the future, you must manually configure the configuration file. The configuration file of the firewall service is/etc/sysconfig/iptables. The default configuration is provided here for you to install the CentOS operating system on a daily basis. if the firewall is not enabled when you configure the system for the first time (
Iptables) Service, the system will not automatically generate
IptablesConfiguration file. To enable the firewall service in the future, you must manually configure the configuration file. The configuration file of the firewall service is/etc/sysconfig/iptables. The default configuration is provided here for future reference.
When installing the CentOS Operating system, if the firewall (iptables) service is not enabled when you configure the system for the first time, the system will not automatically generate the iptables configuration file. To enable the firewall service in the future, you must manually configure the configuration file.
The configuration file of the firewall service is/etc/sysconfig/iptables. The default configuration is provided here for future reference.
# Vi/etc/sysconfig/iptables # Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
* Filter
: Input accept [0: 0]
: Forward accept [0: 0]
: Output accept [0: 0]
: RH-Firewall-1-INPUT-[0: 0]
-A input-j RH-Firewall-1-INPUT
-A forward-j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT-I lo-j ACCEPT
-A RH-Firewall-1-INPUT-p icmp -- icmp-type any-j ACCEPT
-An RH-Firewall-1-INPUT-p 50-j ACCEPT
-An RH-Firewall-1-INPUT-p 51-j ACCEPT
-A RH-Firewall-1-INPUT-p udp -- dport 5353-d 224.0.0.20.- j ACCEPT
-A RH-Firewall-1-INPUT-p udp-m udp -- dport 631-j ACCEPT
-A RH-Firewall-1-INPUT-p tcp-m tcp -- dport 631-j ACCEPT
-A RH-Firewall-1-INPUT-m state -- state ESTABLISHED, RELATED-j ACCEPT
-A RH-Firewall-1-INPUT-m state -- state NEW-m tcp-p tcp -- dport 22-j ACCEPT
-A RH-Firewall-1-INPUT-j REJECT -- reject-with icmp-host-prohibited
COMMIT
Zero technology Save the configuration and restart the firewall (iptables) service to enable the firewall function.
#/Etc/init. d/iptables restart
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.