Disable the default firewall in CentOS 7.0 and enable the iptables firewall.
Operating System Environment: CentOS Linux release 7.0.1406 (Core) 64-bit
CentOS 7.0 uses firewalld as its default firewall. Here we replace it with the iptables firewall.
1. Disable firewalld:
systemctl stop firewalld.service # stop firewalld
systemctl disable firewalld.service # prevent firewalld from starting at boot
firewall-cmd --state # view the firewalld status ("not running" is displayed after firewalld is disabled, "running" after it is enabled)
2. Configure the iptables firewall (iptables is already installed; the configuration follows)
vi /etc/sysconfig/iptables # edit the firewall configuration file
# Sample configuration for iptables service
# You can edit this manually or use system-config-firewall
# Please do not ask us to add additional ports/services to this default configuration
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
:wq! # save and exit
Note: Ports 80 and 8080 are used as examples. New rules are generally added directly above or below the line "-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT". Do not add them at the end of the file: a rule placed after the final REJECT lines is never reached, so it will not take effect after the firewall is restarted.
systemctl restart iptables.service # restart the firewall so the configuration takes effect
systemctl enable iptables.service # start the firewall at boot
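The rule-ordering mistake described in the note above can be caught before restarting the service. The following is an added example, not part of the original article: a shell function (the names shadowed_rules and write_sample are hypothetical) that reports rules placed after an unconditional REJECT or DROP in the same chain, run here on a constructed copy of the rule set with the port 8080 rule misplaced.

```shell
#!/bin/sh
# Added example (not from the original page): report rules in an
# iptables-save style file that sit after an unconditional REJECT/DROP
# in the same chain and can therefore never match.

# shadowed_rules FILE: print one line per unreachable rule; return 1 if any found.
shadowed_rules() {
    awk '
        /^\*/ { split("", closed) }          # new table: forget closed chains
        /^-A / {
            chain = $2
            if (chain in closed) {
                printf "line %d shadowed by line %d: %s\n", NR, closed[chain], $0
                found = 1
                next
            }
            # "-A CHAIN -j REJECT|DROP ..." has no match criteria: it ends the chain.
            if ($3 == "-j" && ($4 == "REJECT" || $4 == "DROP"))
                closed[chain] = NR
        }
        END { exit found + 0 }
    ' "$1"
}

# Constructed sample: the rule set from this page with the port 8080 rule
# misplaced at the end, after the final REJECT lines.
write_sample() {
    cat > "$1" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
COMMIT
EOF
}

sample=$(mktemp)
write_sample "$sample"
shadowed_rules "$sample" || echo "fix the rule order before restarting iptables"
rm -f "$sample"
```

To check the real configuration, call the function with /etc/sysconfig/iptables as its argument before running the restart command.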