
Linux iptables firewall: opening ports, rejecting ports, and viewing the ports already opened

2014-12-17 20:48
I am using Fedora 14.

1. View the ports already opened in the iptables firewall: /etc/init.d/iptables status

[root@hzswtb2-mpc ~]# /etc/rc.d/init.d/iptables status    (or: service iptables status)

Table: filter

Chain INPUT (policy ACCEPT)

num target prot opt source destination

1 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:3306

Chain FORWARD (policy ACCEPT)

num target prot opt source destination

Chain OUTPUT (policy ACCEPT)

num target prot opt source destination

2. Open TCP port 8080

/sbin/iptables -I INPUT -p tcp --dport 8080 -j ACCEPT

/etc/rc.d/init.d/iptables save    (or: service iptables save)    # save the configuration
/etc/rc.d/init.d/iptables restart    (or: service iptables restart)    # restart the service
[root@hzswtb2-mpc ~]# /sbin/iptables -I INPUT -p tcp --dport 8080 -j ACCEPT

[root@hzswtb2-mpc ~]# /etc/rc.d/init.d/iptables save

iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]

[root@hzswtb2-mpc ~]# /etc/rc.d/init.d/iptables restart

iptables: Flushing firewall rules: [ OK ]

iptables: Setting chains to policy ACCEPT: filter [ OK ]

iptables: Unloading modules: [ OK ]

iptables: Applying firewall rules: [ OK ]

[root@hzswtb2-mpc ~]# service iptables status

Table: filter

Chain INPUT (policy ACCEPT)

num target prot opt source destination

1 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8080

2 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:3306

3. Delete rule 1 from the INPUT chain

[root@hzswtb2-mpc ~]# iptables -D INPUT 1

[root@hzswtb2-mpc ~]# service iptables status

Table: filter

Chain INPUT (policy ACCEPT)

num target prot opt source destination

1 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:3306

Chain FORWARD (policy ACCEPT)

num target prot opt source destination

Chain OUTPUT (policy ACCEPT)

num target prot opt source destination

4. Reject a specific port

[root@hzswtb2-mpc ~]# /sbin/iptables -I INPUT -p tcp --dport 8080 -j REJECT

[root@hzswtb2-mpc ~]# service iptables status

Table: filter

Chain INPUT (policy ACCEPT)

num target prot opt source destination

1 REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8080 reject-with icmp-port-unreachable

2 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:3306

Chain FORWARD (policy ACCEPT)

num target prot opt source destination

Chain OUTPUT (policy ACCEPT)

num target prot opt source destination
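
Every listing above shows policy ACCEPT, and -I inserts at the top of the chain, so the fate of a port is decided by the first matching rule and, when none matches, by the chain policy. The following is an added example, not part of the original post: it reads a status listing and reports which rule or policy decides a new TCP connection to a given port. The effective_verdict helper and the sample listing are constructed for illustration, and only plain "tcp dpt:N" rules with source 0.0.0.0/0 are modelled.

```shell
#!/bin/sh
# Constructed sample: a status listing as it would look if the 8080 ACCEPT
# rule from step 2 had been left in place before the REJECT of step 4.
SAMPLE_STATUS='Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8080 reject-with icmp-port-unreachable
2 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8080
3 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:3306
Chain FORWARD (policy ACCEPT)
num target prot opt source destination'

# effective_verdict PORT [CHAIN]   (hypothetical helper, simplified matching)
# Reads a status listing on stdin and prints "<verdict> <decided by>".
# The first rule in CHAIN whose "dpt:" equals PORT wins; if no rule matches,
# the chain policy applies. Port ranges, multiport and source-restricted
# rules are not modelled.
effective_verdict() {
    awk -v port="$1" -v chain="${2:-INPUT}" '
        $1 == "Chain" {
            in_chain = ($2 == chain)
            if (in_chain) { policy = $4; sub(/\)$/, "", policy) }
            next
        }
        in_chain && $1 ~ /^[0-9]+$/ && $3 == "tcp" && $5 == "0.0.0.0/0" {
            for (i = 7; i <= NF; i++)
                if (!found && $i == ("dpt:" port)) {
                    found = 1; verdict = $2; reason = "rule " $1
                }
        }
        END {
            if (found) print verdict, reason
            else if (policy != "") print policy, "policy"
            else exit 1   # chain not present in the listing
        }'
}

# Demo on the constructed sample: 8080 is decided by rule 1 (the ACCEPT in
# rule 2 is never reached); 22 has no rule at all and falls to the policy.
for p in 8080 3306 22; do
    printf '%s -> %s\n' "$p" "$(printf '%s\n' "$SAMPLE_STATUS" | effective_verdict "$p")"
done
```

On a live host, pipe the output of service iptables status into effective_verdict instead of the sample. A result of "ACCEPT policy" means the port is reachable even though no ACCEPT rule names it.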

For more rules, see:

http://www.2cto.com/os/201304/201164.html