Shutdown of CENTOS6 and CENTOS7 firewalls

CentOS6.5 View the status of the firewall:

[[Email protected] ~] $service iptable Status

Show Results:

[[email protected] ~]$service iptable statusredirecting to/bin/systemctl status  iptable.service Iptable.service   loaded:not-found (reason:no such file or directory)   active:inactive (dead)   --Indicates that the firewall is down

CentOS 6.5 Firewall off

[[email protected] ~]#servcie iptables stop                     -temporarily shut down firewall [[email protected] ~]#chkconfig iptables off                    --Permanently shut down the firewall

　　

CentOS 7.2 Firewall off

CentOS 7.0 defaults to using firewall as the firewall, which is changed to iptables firewall step.

Firewall-cmd--state #查看默认防火墙状态 (show notrunning after turn off, show running when turned on)

[Email protected] ~]#firewall-cmd--statenot running

　　

Check the status of the firewall:

Start using systemctl from CENTOS7 to manage services and programs, including service and Chkconfig.

[[email protected] ~]#systemctl list-unit-files|grep firewalld.service            --Firewall is off firewalld.service                           Disabled

Or

[Email protected] ~]#systemctl status firewalld.servicefirewalld.service-firewalld-dynamic firewall Daemo N   loaded:loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset:enabled)   Inactive (dead)

　　

To turn off the firewall:

Systemctl Stop Firewalld.service #停止firewall
Systemctl Disable Firewalld.service #禁止firewall开机启动

[Email protected] ~]#systemctl stop Firewalld.service[[email protected] ~]#systemctl Disable Firewalld.service

　　

Start a service: Systemctl start Firewalld.service shut down a service: systemctl stop firewalld.service Restart a service: systemctl restart Firewalld.service Displays the status of a service: Systemctl status Firewalld.service enables a service at boot: Systemctl enable Firewalld.service Disable a service at power-on: systemctl Disable Firewalld.service Check if the service is booting: Systemctl is-enabled firewalld.service; echo $? View the list of services started: Systemctl List-unit-files|grep enabled

　　

Centos 7 Firewall command:

To view ports that are already open:

firewall-cmd --list-ports

Open port

firewall-cmd --zone=public --add-port=80/tcp --permanent

Command meaning:

–zone #作用域

–add-port=80/tcp #添加端口 in the format: Port/Communication protocol

–permanent #永久生效, fail after reboot without this parameter

Restarting the firewall

#重启firewallsystemctl stop firewalld.service #停止firewallsystemctl disable firewalld.service #禁止firewall开机启动
firewall-cmd--state #查看默认防火墙状态 (show notrunning after turn off, show running when turned on)

CentOS 7 following version iptables command

To open the 80,22,8080 port, enter the following command

-I INPUT -p tcp --dport 80 -j ACCEPT/sbin/iptables -I INPUT -p tcp --dport 22 -j ACCEPT/sbin/iptables -I INPUT -p tcp --dport 8080 -j ACCEPT

Then Save:

/etc/rc.d/init.d/iptables save

To view open ports:

/etc/init.d/iptables status

Shutting down the firewall
1) Permanent, no recovery after reboot

Open: Chkconfig iptables on

OFF: Chkconfig iptables off

2) immediate effect, recovery after restart

Open: Service iptables start

Close: Service iptables stop

View firewall Status: Service iptables status

Below is the difference between CentOS7 and 6 's default firewall

CentOS 7 defaults to using firewall as a firewall, and using iptables must be reset

1. Close the firewall directly

Systemctl Stop Firewalld.service #停止firewall

Systemctl Disable Firewalld.service #禁止firewall开机启动

2. Set up Iptables service

Yum-y Install Iptables-services

If you want to modify the firewall configuration, such as increasing firewall port 3306

Vi/etc/sysconfig/iptables

Add rule

-A input-m state--state new-m tcp-p TCP--dport 3306-j ACCEPT

After saving exits

Systemctl Restart Iptables.service #重启防火墙使配置生效

Systemctl Enable Iptables.service #设置防火墙开机启动

The final reboot system makes the settings effective.

Systemctl Start Iptables.service #打开防火墙

Systemctl Stop Iptables.service #关闭防火墙

Resolve host cannot access virtual machine in CentOS the site before the array is installed in the virtual machine CentOS6.2, and equipped with the Apache+php+mysql, but this machine is inaccessible.  has not been to toss. The specific situation is as follows

1. This function ping the virtual machine 2. The virtual machine can also ping the machine 3. Virtual machines access their own Web 4. The web of the virtual machine cannot be accessed by this machine

Later found to be the firewall shielded the 80 port for the sake of it. Check that the 80 port of the server is blocked by the firewall and can be tested by the command: Telnet server_ip 80来. Here's how to fix it:

/sbin/iptables-i input-p tcp--dport 80-j ACCEPT

Then Save:

/etc/rc.d/init.d/iptables Save

Restarting the firewall

/etc/init.d/iptables Restart

The CentOS firewall shuts down and shuts down its service:

View the CentOS Firewall information:/etc/init.d/iptables status shutdown of the CentOS Firewall service:/etc/init.d/iptables stop

　　

Shutdown of CENTOS6 and CENTOS7 firewalls