#/Sbin/iptables-I input-p tcp -- dport 80-j ACCEPT #/sbin/iptables-I INPUT-p tcp -- dport 22-j ACCEPT #/etc/rc. d/init. d/iptables save after the computer is restarted, the firewall has opened ports 80 and 22 by default. Temporarily shut down the firewall completely without restarting the machine: #/etc/init. d/iptables status # view the Firewall status #/etc/init. d/iptable stop # disable the firewall this time #/etc/init. d/iptable restart # restart the firewall to permanently close the firewall: # chkconfig -- level 35 iptables off: you can set the open port of the firewall as follows: vi/etc/sysconfig/iptables it is best to leave the Management port of VNC and SSH when modifying the firewall. The following is an example of iptables: # Firewall configuration written by system-config-securitylevel # Manual customization of this file is not recommended. * filter: input accept [0: 0]: forward accept [0: 0]: output accept [0: 0]: RH-Firewall-1-INPUT-[0: 0]-a input-j RH-Firewall-1-INPUT-A FORWARD-j RH-Firewall-1-INPUT-A RH-Firewall-1-INPUT-I lo-j ACCEPT-A RH-Firewall-1-INPUT-p icmp-type any-j ACCEPT-A RH-Firewal L-1-INPUT-p 50-j ACCEPT-A RH-Firewall-1-INPUT-p 51-j ACCEPT-A RH-Firewall-1-INPUT-m state-state ESTABLISHED, RELATED-j ACCEPT-A RH-Firewall-1-INPUT-m state-state NEW-m tcp-p tcp-dport 53-j ACCEPT-A RH-Firewall-1-INPUT-m state-state NEW-m udp-p udp-dport 53- j ACCEPT-A RH-Firewall-1-INPUT-m state-state NEW-m tcp-p tcp-dport 22-j ACCEPT-A RH-Firewall-1-INPUT-m state-state NE W-m tcp-p tcp-dport 25-j ACCEPT-A RH-Firewall-1-INPUT-m state-state NEW-m tcp-p tcp-dport 80-j ACCEPT-A RH-Firewall-1-INPUT-m state-state NEW- m tcp-p tcp-dport 443-j ACCEPT-A RH-Firewall-1-INPUT-j REJECT-reject-with icmp-host-prohibitedCOMMIT to modify this file as needed, for example, if you do not want to open port 80 to provide web services, delete the line accordingly: -A RH-Firewall-1-INPUT-m state-state NEW-m tcp-p tcp-dport 80-j ACCEPT all modified and then restarted Iptables: service iptables restart. You can verify whether all rules have taken effect: iptables-L. In this way, the settings of the CentOS firewall are modified.