In day-to-day server management we usually manage firewalls in one uniform way: on CentOS 6.x we turn off the iptables service and manage the rules with a script. If some systems run CentOS 7, the default firewall, firewalld, has to be turned off as well.
1. Turn off the system default firewall (firewalld)
systemctl stop firewalld.service       # stop the firewall
systemctl disable firewalld.service    # do not start it at boot
2. Install iptables
yum install iptables
yum install iptables-services
service iptables stop
chkconfig iptables off    # or: systemctl disable iptables.service (do not start iptables at boot)
3. Edit Firewall Script
vim /bin/iptables.sh
#!/bin/bash
shoffice1=1.2.3.4
/sbin/iptables -F
/sbin/iptables -X
/sbin/iptables -Z
/sbin/iptables -A INPUT -i lo -j ACCEPT
/sbin/iptables -A INPUT -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT
#office
/sbin/iptables -A INPUT -s 1.2.3.4 -j ACCEPT
/sbin/iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
##for game
#/sbin/iptables -A INPUT -p tcp --dport 80 -j ACCEPT
#for allmsserver
#other------------------
#yum
iptables -A INPUT -p tcp --sport 80 -j ACCEPT
iptables -A INPUT -p tcp --sport 443 -j ACCEPT
#ntpdate
/sbin/iptables -A INPUT -p udp --sport 123 -j ACCEPT
/sbin/iptables -A INPUT -p udp --dport 123 -j ACCEPT
##dns
/sbin/iptables -A INPUT -p tcp --sport 53 -j ACCEPT
/sbin/iptables -A INPUT -p udp --sport 53 -j ACCEPT
##icmp:
/sbin/iptables -A INPUT -p icmp --icmp-type any -j ACCEPT
### net-snmp monitor ###
#/sbin/iptables -A INPUT -p udp --dport 161 -j ACCEPT
### end ###
/sbin/iptables -A INPUT -p tcp -j REJECT --reject-with tcp-reset
/sbin/iptables -A INPUT -j DROP
/sbin/iptables -A FORWARD -j DROP
After editing, run /bin/iptables.sh, then use iptables -nvL to check that the rules have taken effect.
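A scripted check to go with the verification step above, added here as an example and not part of the original script: it reads the INPUT chain in `iptables -S INPUT` format, confirms the chain ends with the catch-all DROP, and lists ACCEPT rules that match on source port alone (the yum, ntpdate and dns rules), which admit traffic from any address even though the RELATED,ESTABLISHED rule already lets genuine replies in. The function names and the sample rule dump are constructed for illustration.

```bash
#!/bin/bash
# Added example (not from the original script): audit the INPUT chain.

# Constructed sample: the script's INPUT rules as `iptables -S INPUT` prints them.
SAMPLE_RULES='-P INPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -s 127.0.0.1/32 -d 127.0.0.1/32 -j ACCEPT
-A INPUT -s 1.2.3.4/32 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --sport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --sport 443 -j ACCEPT
-A INPUT -p udp -m udp --sport 123 -j ACCEPT
-A INPUT -p udp -m udp --dport 123 -j ACCEPT
-A INPUT -p tcp -m tcp --sport 53 -j ACCEPT
-A INPUT -p udp -m udp --sport 53 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
-A INPUT -p tcp -j REJECT --reject-with tcp-reset
-A INPUT -j DROP'

# stdin: rule dump. stdout: ACCEPT rules that match --sport with no -s address.
sport_only_accepts() {
    awk '/^-A INPUT / && /--sport / && / -j ACCEPT$/ && !/ -s / { print }'
}

# stdin: rule dump. Exit 0 only if the last INPUT rule is the catch-all DROP.
ends_with_drop() {
    awk '/^-A INPUT / { last = $0 }
         END { exit !(last == "-A INPUT -j DROP") }'
}

# $1: rule dump. Prints a short report on both checks.
audit_input_chain() {
    if printf '%s\n' "$1" | ends_with_drop; then
        echo "OK: INPUT ends with a catch-all DROP"
    else
        echo "WARN: INPUT does not end with a catch-all DROP"
    fi
    weak=$(printf '%s\n' "$1" | sport_only_accepts)
    if [ -n "$weak" ]; then
        echo "WARN: ACCEPT on source port alone; RELATED,ESTABLISHED already covers replies:"
        printf '%s\n' "$weak" | sed 's/^/  /'
    fi
}

# On a live host (as root): audit_input_chain "$(iptables -S INPUT)"
audit_input_chain "$SAMPLE_RULES"
```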