Centos7将firewall防火墙换回iptables防火墙

从Centos7开始默认使用firewall防火墙了

换成iptables防火墙,操作步骤如下:

关闭firewalld防火墙,关闭开机自启

systemctl stop firewalld.service
systemctl disable firewalld.service

安装iptables防火墙,设置开机自启

yum -y install iptables-services net-tools
systemctl enable iptables.service

然后编辑iptables防火墙规则就好了

vim /etc/sysconfig/iptables

来个示例:

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
标签:IptablesCentos 发布于:2019-11-16 14:30:55