Installed TOMCAT7, found in addition to the function of access to the outside world, outrageous. So ask Baidu God, after a lot of trouble, the summary steps are as follows:
1. Modify the file/etc/sysconfig/iptables
[Email protected] ~]# cd/etc/sysconfig/
[Email protected] sysconfig]# VI iptables
The contents of the file are as follows, note that the red line is newly added to open 8080 ports to the outside world.
# Firewall configuration written by System-config-firewall
# Manual Customization of this file are not recommended.
*filter
: INPUT ACCEPT [0:0]
: FORWARD ACCEPT [0:0]
: OUTPUT ACCEPT [0:0]
: Rh-firewall-1-input-[0:0]
-A input-j Rh-firewall-1-input
-A rh-firewall-1-input-i lo-j ACCEPT
-A rh-firewall-1-input-p ICMP--icmp-type any-j ACCEPT
-A rh-firewall-1-input-p 50-j ACCEPT
-A rh-firewall-1-input-p 51-j ACCEPT
-A rh-firewall-1-input-p UDP--dport 5353-d 224.0.0.251-j ACCEPT
-A rh-firewall-1-input-p udp-m UDP--dport 631-j ACCEPT
-A rh-firewall-1-input-p tcp-m tcp--dport 631-j ACCEPT
-A rh-firewall-1-input-m state--state established,related-j ACCEPT
-A rh-firewall-1-input-m state--state new-m tcp-p TCP--dport 21-j ACCEPT
-A rh-firewall-1-input-m state--state new-m tcp-p TCP--dport 22-j ACCEPT
-A rh-firewall-1-input-m state--state new-m tcp-p TCP--dport 443-j ACCEPT
-A rh-firewall-1-input-m state--state new-m tcp-p TCP--dport 80-j ACCEPT
-A rh-firewall-1-input-m State--state new-m tcp-p TCP--dport 8080-j ACCEPT
-A rh-firewall-1-input-j REJECT--reject-with icmp-host-prohibited
-A forward-j REJECT--reject-with icmp-host-prohibited
COMMIT
This line of text is actually from the previous line copy modified from, in vi copy line with YY, copy multi-line with Yyn, paste with P. It's convenient.
2. Restart the Iptables service.
[Email protected] sysconfig]#Service iptables Restart
Flushing firewall rules: [OK]
Setting chains to Policy Accept:filter [OK]
Unloading iptables modules: [OK]
Applying iptables firewall rules: [OK]
Loading additional iptables modules:ip_conntrack_ftp [OK]
[Email protected] sysconfig]#
Then you can access it from the outside world:
View and open ports in Linux