Centos7 disable and configure iptables for firewall installation, centos7iptables
1. configure the firewall and enable port 80 and port 3306
CentOS 7.0 uses firewall as the firewall by default. Here, it is changed to iptables firewall.
1. Disable firewall:
Systemctl stop firewalld. service # stop firewall
Systemctl disable firewalld. service # disable firewall startup
2. Install iptables firewall IT network, http://www.it.net.cn
Yum install iptables-services # Installation
Vi/etc/sysconfig/iptables # edit the firewall configuration file
# Firewall configuration written by system-config-firewall
# Manual mizmization of this file is not recommended. It, http://www.it.net.cn
* Filter
: Input accept [0: 0]
: Forward accept [0: 0]
: Output accept [0: 0] Linux learning, http: // linux.it.net.cn
-A input-m state -- state ESTABLISHED, RELATED-j ACCEPT
-A input-p icmp-j ACCEPT
-A input-I lo-j ACCEPT
-A input-m state -- state NEW-m tcp-p tcp -- dport 22-j ACCEPT it, http://www.it.net.cn
-A input-m state -- state NEW-m tcp-p tcp -- dport 80-j ACCEPT
-A input-m state -- state NEW-m tcp-p tcp -- dport 3306-j ACCEPT
-A input-j REJECT -- reject-with icmp-host-prohibited
-A forward-j REJECT -- reject-with icmp-host-prohibited Linux, http: // linux.it.net.cn
COMMIT
: Wq! # Save and exit
Systemctl restart iptables. service # restart the firewall to make the configuration take effect.
Systemctl enable iptables. service # Set firewall startup
2. Disable selinux it network and http://www.it.net.cn
Vi/etc/selinux/config
# SELINUX = enforcing # comment out
# SELINUXTYPE = targeted # comment out
SELINUX = disabled # Add Linux learning, http: // linux.it.net.cn
: Wq! # Save and quit Linux learning, http: // linux.it.net.cn
Setenforce 0 # Make the configuration take effect immediately