Linux provides a very good firewall tool netfilter/Iptables. This article briefly introduces the use of netfilter/IptablesImplements firewall setup, Internet Connection Sharing, and other applications to maintain server security vulnerabilities.
Disable Firewall
- iptables -P INPUT ACCEPT
Open Firewall
- iptables -F INPUT
- iptables -P INPUT DROP
-- Disable port 3306 (Mysql database)
- iptables -I INPUT -i eth0 -p tcp --dport 3306 -j DROP
- iptables -I INPUT -i eth0 -p tcp --dport 3306 -j ACCEPT
In linux, port 81 is usually disabled.
Enable port 81:
- iptables -I INPUT -i eth0 -p tcp --dport 81 -j ACCEPT
- iptables -I OUTPUT -o eth0 -p tcp --sport 81 -j ACCEPT
Close port 81:
- iptables -I INPUT -i eth0 -p tcp --dport 81 -j DROP
- iptables -I OUTPUT -o eth0 -p tcp --sport 81 -j DROP
Then save:
- #/etc/rc.d/init.d/iptables save
Check whether there are already:
- [root@vcentos ~]# /etc/init.d/iptables status
Save as follows.
Summary:
IptablesThe content of the Getting Started application case has been introduced.IptablesLearning the entry content is helpful to you!