Tags: art inf boot nic/etc/off http install sysconfig YumObjective:Just finished learning how to configure Linux IP and firewallCome to summarize.Get ready:To be installed:SetupBody:Install the base packageYum Groupinstall "Base"SetupSelect a secondAfter entering the space to close the firewallThen ok->yes back to the main interfaceSelect a thirdFirst entry, select NICConfigure IPCd/etc/sysconfig/network-scripts after editing the configuration fileTur
The port itself is turned on by default, but does not mean that the link to the port must be up. Only link devices are connected and connected devices such as PC are working properly ...Three-layer switch port, still have 24, or fa0/1-24, its three-tier routing function is not implemented through the FastEthernet port, but through its VLAN interface to achieve,therefore, on the two two-layer switch of unicom, it is necessary to configure VLAN to realize interoperability. Accordingly, the export
A newly configured server, installed CentOS6.3 system, after the installation of LNMP, the discovery Nginx process exists, and PHP parsing is normal, but with the allocation of independent IP to access the time found to be inaccessible.Check the information on the Internet, it is possible that the Linux firewall iptables caused nginx can not access. We visit a Web site, typically with 80 ports, then the problem may be that the 80-port access is interc
Iptables IntroductionIptables is a core based firewall, very powerful, iptables built-in Filter,nat and mangle three tables.Filter is responsible for filtering packets, including the chain of rules, input,output and forward;NAT is concerned with network address translation, including the rule chain, prerouting,postrouting and output;Mangle table is mainly used to modify the contents of the packet, used to do traffic shaping, the default chain of rules
Although Aliyun launched the Cloud Shield service, but it is always safer to add a layer of firewall, the following is my Aliyun VPS on the process of configuring the firewall, currently only configure input. Both output and ForWord are accept rules.
First, check the Iptables service status
First check the status of the Iptables service
[Root@woxplife ~]# service iptables statusIptables:firewall is not r
XP system command line configuration firewall hint error what to do
Because the WinXP firewall blocks the restore daemon process, you need to manually add the restore daemon process to the firewall rules to see the client on the master side. But a lot of friends. The system prompts syntax error when using commands to
First two instructions clear the default rule:Iptables-fIptables-xIptables-zAdd a rule to the input chain: 22-Port TCP connection:Iptables-a input-p TCP--dport 22-j ACCEPTThen three instructions set the rule:Iptables-p INPUT DROP #在INPUT链之外的都丢弃Iptables-p OUTPUT ACCEPT #在OUTPUT之外的都允许链接Iptables-p FORWARD DROPTo view the rules:Iptables-l-NSave rule to file:Iptables-save >~/iptablesinfoRecovery rule:Iptables-restore >~/iptablesinfoLinux firewall
Note: Ubuntu/debian cannot use this method1. Open IptablesVi/etc/sysconfig/iptables2. Add firewall rulesRule reference: http://www.cnblogs.com/EasonJim/p/6847874.html#Firewall configuration written by System-config-firewall# Manual Customization of this file is notRecommended.*filter: INPUTACCEPT [0:0] : FORWARDACCEPT
Configure with/etc/sysconfig/iptables-A input-m state–state new-m tcp-p tcp–dport 80-j ACCEPT (allow 80 ports through the firewall)-A input-m state–state new-m tcp-p tcp–dport 3306-j ACCEPT (Allow 3306 ports through the firewall)(22 ports are added by default when the system is loaded and other ports can be configured in their format)Special Note: Many netizens add these two rules to the last line of the
In the previous installment and use example of the Iptables firewall Configuration tool Shorewall, we described how to install and use the Shorewall tool for firewall configuration, and in this article we will give you an example of some of its advanced components.
Introduction of Advanced Components
1, params
This
All operations on this computer are normal after the MySQL server is installed, but the MySQL server is not connected remotely on other machines. shit!Suspect is a port problem, the result:Telnet 192.168.1.245 3306The connection was not found, so the port was restricted by the firewall.Now all you have to do is open port 3306 in the firewall.Execution Vi/etc/sysconfig/iptables:-A rh-firewall-1-input-m state--state new-m tcp-p TCP--dport 3306-j ACCEPTT
Firewall commandService Iptables stop--stopService iptables Start--StartFile/etc/sysconfig/ iptables# Firewall configuration written by System-config-firewall# Manual Customization of this file was not recommended.*filter:input accept [0:0]:forward Accept [0:0]:output accept [0:0] -A input-m state--state established,re
Permanent, no recovery after rebootChkconfig iptables onChkconfig iptables offImmediate effect, recovery after rebootService Iptables StartService Iptables StopIt should be stated that for other services under Linux, the above command can be used to perform the open and close operations.When the firewall is turned on, make the following settings, open the relevant port,Modify the/etc/sysconfig/iptables file to add the following:-A rh-
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.