CentOS 7.0 defaults to using firewall as the firewall, where the iptables firewall is changed.
1. Close firewall:
systemctl Stop Firewalld.service #停止firewall
systemctl Disable Firewalld.service #禁止firewall开机启动
2. Install iptables firewall
Yum install iptables-services #安装
vi/etc/sysconfig/iptables #编辑防火墙配置文件
# Firewall configuration written by System-config-firewall
# Manual Customization of this file are not recommended.
*filter
: INPUT ACCEPT [0:0]
: FORWARD ACCEPT [0:0]
: OUTPUT ACCEPT [0:0]
-A input-m State--state established,related-j ACCEPT
-A input-p icmp-j ACCEPT
-A input-i lo-j ACCEPT
-A input-m State--state new-m tcp-p TCP--dport 22-j ACCEPT
-A input-m State--state new-m tcp-p TCP--dport 80-j ACCEPT
-A input-m State--state new-m tcp-p TCP--dport 3306-j ACCEPT
-A input-j REJECT--reject-with icmp-host-prohibited
-A forward-j REJECT--reject-with icmp-host-prohibited
COMMIT
: wq! #保存退出
systemctl Restart Iptables.service #最后重启防火墙使配置生效
systemctl enable Iptables.service #设置防火墙开机启动
Play Linux-CentOS 7.0, enable Iptables firewall