The so-called firewall refers to a combination of software and hardware devices, between the intranet and the external network, A protective barrier constructed on the interface between a private network and a public network. is an image of a security approach, a combination of computer hardware and software that creates a secure gateway between the Internet and the intranet. It should be stated that for other services under Linux, the above command can be used to perform the open and close operations.
1. Permanent effect after reboot:
Open: Chkconfig iptables on
OFF: Chkconfig iptables off
2. Immediate effect, failure after reboot:
Open: Service iptables start
Close: Service iptables stop
When the firewall is turned on, do the following settings, open the relevant port, modify the/etc/sysconfig/iptables file, add the following:
-A rh-firewall-1-input-m state--state new-m tcp-p tcp--dport 80-j ACCEPT
-A rh-firewall-1-input-m state--state new-m tcp-p tcp--dport 22-j ACCEPT
Or:
/etc/init.d/iptables status will get a series of messages stating that the firewall is open.
/etc/rc.d/init.d/iptables Stop shutting down the firewall
Finally: Enter setup under the root user, enter a graphical interface, select Firewall configuration, go to the next interface, choose Security level for disabled, save. Reboot.
Iptables is the next powerful Linux firewall, without considering the efficiency of the case, powerful enough to replace most hardware firewalls, but the powerful firewall if the application is not appropriate, may be blocking is not just the potential attacks, and may be your own oh.
So what I'm trying to say is that you have to be very careful when you're typing in each of the iptables related commands.
1. When applying each rule to drop target, check the rules carefully and consider the impact he has on you before applying them.
2. In Redhat we can use service iptables stop to turn off the firewall, www.xinyuenetwork.com but in some versions such as Ubuntu This command does not work, with iptables-f This command to shut down the firewall, But before using this command, remember to use IPTABLES-L to see the default target,iptables-f for all the chains in your system. This command just clears all the rules. Only does not really shut down the iptables. Imagine if your chain default target is drop, you have rules to allow certain ports, but once the iptables-l is applied and all rules are cleared, the default target will block any access. Of course you include the remote SSH Management Server.
So I recommend that the Shut down firewall command is
Iptables-p INPUT ACCEPT
Iptables-p FORWARD ACCEPT
Iptables-p OUTPUT ACCEPT
Iptables-f
In short, when you want to make any changes to your server, it is best to have a test environment that has been fully tested and applied to your server. In addition, to use good iptables, it is necessary to understand the iptables operation principle, know how each packet iptables how to deal with. In this way, the rules can be written accurately to avoid unnecessary trouble.
Related knowledge:
1. Under the Fedora System:
/etc/init.d/iptables stop
Under 2.ubuntu system:
Since Ubuntu does not have the relevant direct commands
Please use the following command
Iptables-p INPUT ACCEPT
Iptables-p OUTPUT ACCEPT
Temporarily open all ports
There's no command to close iptables on Ubuntu.
How does the Linux system shut down the firewall?
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
