Tutorial: Opening Firewall Ports from the Linux Command Line

Operating Systems 强烈建议 2024-02-07 14:57

  Test environment: Red Hat 5.4. The goal is to open ports 3306 and 8080.

  Edit the iptables file under /etc/sysconfig:

  # Firewall configuration written by system-config-securitylevel
  # Manual customization of this file is not recommended.
  *filter
  :INPUT ACCEPT [0:0]
  :FORWARD ACCEPT [0:0]
  :OUTPUT ACCEPT [0:0]
  :RH-Firewall-1-INPUT - [0:0]
  -A INPUT -j RH-Firewall-1-INPUT
  -A FORWARD -j RH-Firewall-1-INPUT
  -A RH-Firewall-1-INPUT -i lo -j ACCEPT
  -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
  -A RH-Firewall-1-INPUT -p 50 -j ACCEPT
  -A RH-Firewall-1-INPUT -p 51 -j ACCEPT
  -A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
  -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
  -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
  -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
  -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
  -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
  -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
  -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
  # Ports opened in this tutorial (8080 and 3306). These rules accept new TCP
  # connections from any source and must come before the REJECT rule below.
  -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT
  -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
  -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
  COMMIT

  Restart iptables:

  [root@localhost /]# /sbin/service iptables restart


