Disable the CentOS 6 and CentOS 7 firewalls.

Source: Internet
Author: User

Disable the CentOS 6 and CentOS 7 firewalls.

CentOS6.5 view the Firewall Status:

1 [Linuxidc @ localhost ~] $ Service iptable status

Display result:

1 2 3 4 5 [Linuxidc @ localhost ~] $ Service iptable status Redirecting to/bin/systemctl status iptable. service ● iptable. service Loaded: not-found (Reason: No such file or directory) Active: inactive (dead) -- indicates that the firewall has been disabled

Disable firewall in CentOS 6.5

1 2 [Root @ localhost ~] # Servcie iptables stop -- temporarily disable the firewall [root @ localhost ~] # Chkconfig iptables off -- permanently disable the Firewall

Disable firewall in CentOS 7.2

CentOS 7.0 uses firewall as the firewall by default. Here we change it to iptables firewall.


Firewall-cmd -- state # view the default firewall Status (notrunning is displayed after the firewall is disabled, and running is displayed after the firewall is enabled)

1 2 [Root @ localhost ~] # Firewall-cmd -- state not running

Check the Firewall Status:

Start from centos7 and use systemctl to manage services and programs, including service and chkconfig.

1 2 [Root @ localhost ~] # Systemctl list-unit-files | grep firewalld. service -- firewall is disabled firewalld. service disabled

Or

1 2 3 4 [Root @ localhost ~] # Systemctl status firewalld. service ● firewalld. service-firewalld-dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld. service; disabled; vendor preset: enabled) Active: inactive (dead)

Disable Firewall:

Systemctl stop firewalld. service # stop firewall
Systemctl disable firewalld. service # disable firewall startup

1 2 [Root @ localhost ~] # Systemctl stop firewalld. service [root @ localhost ~] # Systemctl disable firewalld. service
1 2 3 4 5 6 7 8 Start a service: systemctl start firewalld. service to close a service: systemctl stop firewalld. restart a service: systemctl restart firewalld. the service displays the status of a service: systemctl status firewalld. the service enables a service: systemctl enable firewalld. A service is disabled when it is started: systemctl disable firewalld. service to check whether the service is started: systemctl is-enabled firewalld. service; echo $? View the list of started services: systemctl list-unit-files | grep enabled
Centos 7 firewall command:

View opened ports:

firewall-cmd --list-ports

Enable Port

firewall-cmd --zone=public --add-port=80/tcp --permanent

Command description:

-Zone # Scope

-Add-port = 80/tcp # add a port in the format of port/communication protocol

-Permanent # takes effect permanently. If this parameter is not set, it becomes invalid after restart.

Restart Firewall

Firewall-cmd -- reload # restart firewallsystemctl stop firewalld. service # stop firewallsystemctl disable firewalld. service # disable firewall startupFirewall-cmd -- state# View the default Firewall Status (notrunning is displayed after the firewall is disabled, and running is displayed after the firewall is enabled)
Iptables commands for versions earlier than CentOS 7

To open ports 80, 22, and 8080, enter the following command.

/sbin/iptables -I INPUT -p tcp --dport 80 -j ACCEPT/sbin/iptables -I INPUT -p tcp --dport 22 -j ACCEPT/sbin/iptables -I INPUT -p tcp --dport 8080 -j ACCEPT

Then save:

/etc/rc.d/init.d/iptables save

View opened ports:

/etc/init.d/iptables status

Disable Firewall
1) It takes effect permanently and will not be restored after restart

Enable: chkconfig iptables on

Close: chkconfig iptables off

2) takes effect immediately and recovers after restart

Enable: service iptables start

Disable: service iptables stop

View the Firewall status: service iptables status

The following describes the differences between CentOS7 and 6 default firewalls.

CentOS 7 uses firewall as the firewall by default. You must reset the firewall when using iptables.

1. Directly disable the Firewall

Systemctl stop firewalld. service # stop firewall

Systemctl disable firewalld. service # disable firewall startup

2. Set iptables service

Yum-y install iptables-services

If you want to modify the firewall configuration, such as adding the firewall port 3306

Vi/etc/sysconfig/iptables

Add Rules

-A input-m state -- state NEW-m tcp-p tcp -- dport 3306-j ACCEPT

Save and exit

Systemctl restart iptables. service # restart the firewall to make the configuration take effect.

Systemctl enable iptables. service # Set firewall startup

Restart the system to make the settings take effect.

Systemctl start iptables. service # Open the Firewall

Systemctl stop iptables. service # disable Firewall

Solve the problem that the host cannot access the site in CentOS a while ago, CentOS was installed on the Virtual Machine and apache + php + mysql was configured, but the local machine could not be accessed. I have never been involved. Details: 1. the local machine can ping the Virtual Machine 2. The virtual machine can also ping the local machine 3. The virtual machine can access its own web 4. The local machine cannot access the web of the Virtual Machine and later found that The firewall shields port 80.Check whether port 80 of the server is blocked by the firewall. Run the telnet server_ip 80 command to test the function. Solution:/sbin/iptables-I INPUT-p tcp -- dport 80-j ACCEPT and save:/etc/rc. d/init. d/iptables save and restart Firewall/etc/init. d/iptables restart: Disable the CentOS firewall and close its service. Then, you can view the CentOS Firewall Information:/etc/init. d/iptables status disable the CentOS Firewall Service:/etc/init. d/iptables stop

For more information about CentOS, see the CentOS topic page http://www.linuxidc.com/topicnews.aspx? Tid = 14

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.