After a minimal installation of CentOS, firewalld is installed automatically as the firewall. If you want to use iptables as the firewall instead, you can set it up as follows:
I. Stop the firewalld service
# systemctl stop firewalld.service
Disable the firewalld service at boot
# systemctl disable firewalld.service
rm '/etc/systemd/system/basic.target.wants/firewalld.service'
rm '/etc/systemd/system/dbus-org.fedoraproject.firewalld1.service'
II. Install iptables-services
# yum install iptables-services
III. Modify the iptables firewall rules
# vim /etc/sysconfig/iptables
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
One new rule was added so that the Tomcat installation can be tested successfully.
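An added example, not part of the original post: iptables evaluates a chain from top to bottom and stops at the first match, so a port opened below the final REJECT line is never reachable. The script checks a rules file for that mistake and for a missing SSH rule before the service is restarted; the function names, the abridged sample and port 8443 are constructed for illustration.

```sh
# Added example: offline audit of an iptables-save style rules file.
# audit_rules FILE [REQUIRED_PORT]
# Prints "open tcp/N" for ACCEPT rules above the first catch-all REJECT/DROP
# in INPUT and "unreachable tcp/N" for those below it. Returns non-zero when
# *filter or COMMIT is missing or REQUIRED_PORT (default 22) is not open.
audit_rules() {
    awk -v need="${2:-22}" '
        /^\*filter/   { table = 1; next }
        /^COMMIT/     { commit = 1; next }
        !/^-A INPUT / { next }
        $3 == "-j" && ($4 == "REJECT" || $4 == "DROP") { closed = 1; next }
        {
            port = ""; target = ""; tcp = 0
            for (i = 3; i < NF; i++) {
                if ($i == "-p" && $(i + 1) == "tcp") tcp = 1
                if ($i == "--dport") port = $(i + 1)
                if ($i == "-j")      target = $(i + 1)
            }
            if (!tcp || port == "" || target != "ACCEPT") next
            if (closed) { print "unreachable tcp/" port; next }
            print "open tcp/" port
            if (port == need) ok = 1
        }
        END { exit !(table && commit && ok) }
    ' "$1"
}

# Constructed sample: an abridged copy of the rules above plus one
# hypothetical port (8443) appended after the REJECT line.
sample_rules() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp -m state --state NEW -m tcp --dport 8443 -j ACCEPT
COMMIT
EOF
}

tmp=$(mktemp) && sample_rules > "$tmp"
audit_rules "$tmp" && echo "rules file OK: SSH stays reachable"
rm -f "$tmp"
```

To check the real file, run audit_rules /etc/sysconfig/iptables after editing it.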
IV. Disable SELinux
# vim /etc/sysconfig/selinux
Comment out the other options and add the following line:
SELINUX=disabled
This only modifies the SELinux configuration file, which takes effect only after a restart. If you want the change to take effect temporarily, you can use the following command:
# setenforce 0
Restart the system, and you are done!
Written with reference to: http://linux.it.net.cn/CentOS/fast/2015/0110/11567.html
This article is from the "Focus on Java, Linux Technology" blog; please be sure to keep this source: http://wuqinglong.blog.51cto.com/9087037/1719706
Disable firewalld, enable iptables as a firewall