Centos7.1 Firewall Open Port fast method

For example, after installing Nagios, to open 5666 ports to connect to the server, the command is as follows:?

1 2 3 4 5 6 7

[Root@centos7-1 ~] # firewall-cmd--add-port=5666/tcp instantly open, this can also be a port range, such as 1000-2000/tcp success [Root@centos7-1 ~] # Firewall-cmd--permanent--add-port=5666/tcp Write configuration file success [Root@centos7-1 ~] # firewall-cmd--reload reboot firewall success [root @centos7-1 ~] #

CentOS 7 Open ports:

After CentOS upgraded to 7 and found that it was not possible to use iptables to control the Linuxs port, Google later found that CentOS 7 used FIREWALLD instead of the original iptables. The following records how to use FIREWALLD to open Linux ports:

Open port
?

1	Firewall-cmd--zone=public--add-port=80/tcp--permanent

Command meaning:

--zone #作用域
--ADD-PORT=80/TCP #添加端口, Format: Port/Communication protocol
--permanent #永久生效, failure after reboot without this parameter

Reboot firewall
?

1	Firewall-cmd--reload

To set the CentOS Firewall open port:

When we use the CentOS system, the CentOS firewall sometimes needs to change the settings. The CentOS Firewall is open by default, and the CentOS firewall open port method is set as follows:

To open Iptables profile: vi/etc/sysconfig/iptables

When modifying the CentOS Firewall Note: Be sure to leave your own behind, VNC. Management port for a management port and SSH

The following is an example of a iptables:
?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21-22

# Firewall configuration written by System-config-securitylevel # Manual customization of ' This ' file is ' not recommended. *filter:input ACCEPT [0:0]: FORWARD ACCEPT [0:0]: OUTPUT ACCEPT [0:0]: Rh-firewall-1-input-[0:0]-A input-j Rh-firewal L-1-input-a forward-j rh-firewall-1-input-a rh-firewall-1-input-i lo-j accept-a rh-firewall-1-input-p icmp–icmp-t ype any-j accept-a rh-firewall-1-input-p 50-j accept-a rh-firewall-1-input-p 51-j accept-a rh-firewall-1-input-m State–state established,related-j accept-a rh-firewall-1-input-m state–state new-m tcp-p tcp–dport 53-j accept-a Rh-firewall-1-input-m state–state new-m udp-p udp–dport 53-j accept-a rh-firewall-1-input-m state–state new-m t Cp-p tcp–dport 22-j accept-a rh-firewall-1-input-m state–state new-m tcp-p tcp–dport 25-j accept-a RH-Firewall- 1-input-m state–state new-m tcp-p tcp–dport 80-j accept-a rh-firewall-1-input-m state–state new-m tcp-p TCP–DP ORT 443-j accept-a rh-fIrewall-1-input-j Reject–reject-with icmp-host-prohibited COMMIT

To modify the CentOS firewall, it is important to note that you must modify the file according to your own server.

For example, if you do not want to open 80 ports to provide Web services, then you should delete the line accordingly:
-A rh-firewall-1-input-m state–state new-m tcp-p tcp–dport 80-j ACCEPT

Restart Iptables:service iptables Restart after all modifications are completed

You can verify that the rules are in effect: iptables-l

In this way, we have completed the CentOS firewall settings modification.

The above is the entire content of this article, I hope to help you learn, but also hope that we support the script home.