The SELinux and iptables of Linux Foundation optimization

Source: Internet
Author: User

Copyright notice: ########################################################################## #本文的所有内容均来自作者刘春凯的学习总结, without my permission, It is forbidden to forward and use it privately. qq:1151887353e-mail:[email protected]      [email protected]########## ############################################################### #第1章   Close SELinux method 1.1  Pre-operation backup method: [Email  protected] ~]# cp/etc/selinux/config /etc/selinux/config.bak[[email protected]  ~]# ls /etc/selinuxconfig  config.bak  restorecond.conf  restorecond_ User.conf  semanage.conf targeted Law II: [[Email protected] ~]# sed -i.ori ' s# Selinux=enforcing#selinux=disabled#g '  /etc/selinux/config===-i.ori replace the pre-backup file; [[email protected] ~] # ls /etc/selinuxconfig config.bak  config.ori  restorecond.conf   restorecond_user.conf  semanage.conf targeted1.2  permanently close selinux (Modify config file) [[email  protected]  ~]# cat /etc/selinux/config  # this file controls the state  of selinux on thesystem.# selinux= can take one of these  three values:#    enforcing - SELinux security policy  is enforced.#    permissive - selinux prints warnings  instead of enforcing.#    disabled - no selinux policy  Is loaded. selinux=enforcing# selinuxtype= can take one of these two values:#     targeted - Targeted processes are protected,#      mls -multi level security protection. selinuxtype=targeted[[email protected] ~]# sed -i  ' s#SELINUX=enforcing#SELINUX= Disabled#g '/etc/selinux/config [[email protected] ~]# cat /etc/selinux/config  # this file controls the  State of selinux on the system.# selinux= can take one of  these three values:#    enforcing - SELinux security  Policy is enforced.#    permissive - selinux prints warnings  instead of enforcing.#    disabled - no selinux policy  is loaded. selinux=disabled# selinuxtype= can take one of these two values:#     targeted - Targeted processes are protected,#      mls -multi level security protection. selinuxtype=targeted === need to restart the server to take effect (do not restart the server for any reason in the work scenario); 1.3  temporarily shut down [[email protected] ~] # getenforce === View selinux Status Enforcing[[email protected] ~]# setenforce === View selinux setup Options usage: setenforce [  Enforcing | permissive | 1 | 0 ]===1: Open; 0: reminding but not blocking; [[email protected]  ~]# setenforce 0=== set to 0[[email protected] ~]# getenforcepermissive 1.4   Restore SELinux Method method One: Command line restore setenforce 1; Method II: File reply 1, through VI, SED directly modify the configuration file 2, mv/etc/selinux/config.bak /etc/ selinux/config== Direct Overwrite profile 2nd   Close firewall iptables2.1  temporarily shut down iptables View Firewall state law one:/etc/init.d/iptables  Status Law II: Service iptables status Temporary shutdown firewall law one:/etc/init.d/iptables stop/etc/init.d/iptables  stop   === execution closed two times to ensure close; Law II: service iptables stopservice iptables stop/etc/ Init.d/iptables status or service iptables status === After the modification is complete, review the iptables status again; 2.2  Permanently turn off iptables (Power on from startup item off iptables) to see if the iptables is powered on from the boot chkconfig | grep ipt  or chkconfig -- list iptables  turn off the iptables of the boot fromStartup item chkconfig iptables off  again to see if iptables boot is off chkconfig | grep ipt  or Chkconfig --list iptables.


The SELinux and iptables of Linux Foundation optimization

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.