Disable FIREWALLD, enable iptables as a firewall

After the minimum installation of CentOS, FIREWALLD is automatically installed as a firewall, if you want to use iptables as a firewall, you can set the following:

I. Stop FIREWALLD Service

[Email protected] ~]# Systemctl stop Firewalld.service

Set boot disable FIREWALLD service

[Email protected] ~]# systemctl disable Firewalld.service

RM '/etc/systemd/system/basic.target.wants/firewalld.service '

RM '/etc/systemd/system/dbus-org.fedoraproject.firewalld1.service '

[Email protected] ~]#

Two. Installing Iptables-services

[email protected] ~]# Yum install iptables-services

Third: Modify the Iptables firewall rules

[Email protected] ~]# Vim/etc/sysconfig/iptables

*filter

: INPUT ACCEPT [0:0]

: FORWARD ACCEPT [0:0]

: OUTPUT ACCEPT [0:0]

-A input-m state--state related,established-j ACCEPT

-A input-p icmp-j ACCEPT

-A input-i lo-j ACCEPT

-A input-p tcp-m state--state new-m TCP--dport 22-j ACCEPT

-A input-p tcp-m State--state new-m TCP--dport 8080-j ACCEPT

-A input-j REJECT--reject-with icmp-host-prohibited

-A forward-j REJECT--reject-with icmp-host-prohibited

COMMIT

A new rule was added to allow the Tomcat installation to be successfully tested.

Four: Disable SELinux

[Email protected] ~]# Vim/etc/sysconfig/selinux

Comment out the other options and add the following line

Selinux=disabled

Just modified the SELinux configuration file, only after the restart to take effect, if you want to temporarily take effect, you can use the following command

[Email protected] ~]# Setenforce 0

Restart the system, all done!

Reference: http://linux.it.net.cn/CentOS/fast/2015/0110/11567.html writing.

This article is from the "focus on Java,linux Technology" blog, please be sure to keep this source http://wuqinglong.blog.51cto.com/9087037/1719706

Disable FIREWALLD, enable iptables as a firewall