How to open a port in CentOS 7

The default firewall of CentOS 7 is not iptables, but firewalld.

Install iptables and iptables-services

#First check whether iptables is installed
service iptables status
#Install iptables
yum install -y iptables
#Upgrade iptables
yum update iptables 
#Install iptables-services
yum install iptables-services

Disable/stop the built-in firewalld service

# Stop the firewalld service
systemctl stop firewalld
# Disable the firewalld service
systemctl mask firewalld

Setting existing rules

# View the existing iptables rules
iptables -L -n
# Allow all inbound traffic first; otherwise flushing the rules under a DROP policy can cut off your own remote session
iptables -P INPUT ACCEPT
# Clear all default rules
iptables -F
# Clear all custom rules
iptables -X
#Reset all counters to 0
iptables -Z
#Allow packets from the lo interface (local access)
iptables -A INPUT -i lo -j ACCEPT
# Open port 22
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
#Open port 21 (FTP)
iptables -A INPUT -p tcp --dport 21 -j ACCEPT
#Open port 80 (HTTP)
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
#Open port 443 (HTTPS)
iptables -A INPUT -p tcp --dport 443 -j ACCEPT
# Allow ping
iptables -A INPUT -p icmp --icmp-type 8 -j ACCEPT
# Allow return traffic for requests made from this host; RELATED is set for FTP
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
# All other inbound traffic will be discarded
iptables -P INPUT DROP
# All outbound traffic will be allowed
iptables -P OUTPUT ACCEPT
# All forwarding will be discarded
iptables -P FORWARD DROP

Other rule settings

# To trust an intranet IP (accept all of its TCP requests)
iptables -A INPUT -p tcp -s 45.96.174.68 -j ACCEPT
# Filter all requests that are not in the above rules
iptables -P INPUT DROP
#To block an IP, use the following command:
iptables -I INPUT -s ***.***.***.*** -j DROP
#To unblock an IP, use the following command:
iptables -D INPUT -s ***.***.***.*** -j DROP

Save rule settings

# Save the above rules
service iptables save

Enable iptables service

# Register the iptables service to start at boot (equivalent to the older chkconfig iptables on)
systemctl enable iptables.service
# Start the service
systemctl start iptables.service
# Check the status
systemctl status iptables.service

Solve the problem that vsftpd cannot use passive mode after iptables is turned on

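1. First, edit /etc/sysconfig/iptables-config and set or add the following.

Keep the modules in this order. Both go in a single space-separated assignment, because the file is read as shell variable assignments and a second IPTABLES_MODULES line would replace the first:

IPTABLES_MODULES="ip_conntrack_ftp ip_nat_ftp"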

2. Reset iptables settings

iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

The following is the complete setup script

#!/bin/sh
iptables -P INPUT ACCEPT
iptables -F
iptables -X
iptables -Z
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 21 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -j ACCEPT
iptables -A INPUT -p icmp --icmp-type 8 -j ACCEPT
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP
service iptables save
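
To confirm that the saved ruleset matches what the steps above intend, the following added example (not part of the original article) parses iptables-save format text, as written to /etc/sysconfig/iptables, and reports the INPUT policy, the TCP ports open to any source, and missing loopback or RELATED,ESTABLISHED rules. The function names and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit iptables-save format text (what "service iptables save"
# writes to /etc/sysconfig/iptables). Function names are this example's own.

# Constructed sample of what the setup script above would save.
sample_rules() {
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
}

# Print the default policy of the INPUT chain (ruleset on stdin).
input_policy() { awk '$1 == ":INPUT" { print $2 }'; }

# Print the TCP ports accepted on INPUT from any source, space separated.
open_tcp_ports() {
  awk '$1 == "-A" && $2 == "INPUT" && /-p tcp/ && /-j ACCEPT/ && !/ -s / {
         for (i = 1; i < NF; i++)
           if ($i == "--dport") { out = out sep $(i + 1); sep = " " }
       } END { print out }'
}

# Print one finding per problem; succeed only when there are none.
audit() {
  rules=$(cat); problems=0
  [ "$(printf '%s\n' "$rules" | input_policy)" = "DROP" ] ||
    { echo "INPUT policy is not DROP"; problems=$((problems + 1)); }
  printf '%s\n' "$rules" | grep -q '^-A INPUT -i lo -j ACCEPT' ||
    { echo "no loopback ACCEPT rule"; problems=$((problems + 1)); }
  printf '%s\n' "$rules" | grep -Eq '^-A INPUT .*(RELATED|ESTABLISHED).*-j ACCEPT' ||
    { echo "no RELATED,ESTABLISHED rule (replies and FTP data dropped)"; problems=$((problems + 1)); }
  [ "$problems" -eq 0 ]
}

# Audit the file given as $1, or the constructed sample when none is given.
if [ -n "${1:-}" ]; then src=$(cat "$1"); else src=$(sample_rules); fi
echo "open TCP ports: $(printf '%s\n' "$src" | open_tcp_ports)"
printf '%s\n' "$src" | audit && echo "ruleset OK"
```

Run it with the path to the saved rules file as its first argument to audit the live configuration instead of the sample.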
