Shulou(Shulou.com)06/01 Report--

This article mainly explains "how to use iptables under CentOS7". The content in the article is simple and clear, and it is easy to learn and understand. Please follow the editor's train of thought to study and learn how to use iptables under CentOS7.

After the system is upgraded to centos 7, it always feels strange about iptables. For example, no matter how much it is saved and rebooted, it is initialized, even if I finally issue a big trick and add the command when starting:

First, iptables-save > / etc/iptables.rules saves the current state.

Then force it to be added in / etc/rc.local

/ etc/rc.local

Iptables-restore / etc/iptables .rules

After restart, although the rules take effect, it is very uncomfortable to take a closer look at the rules or some additional content that has been added inexplicably.

Take a closer look at google and find out where the problem lies. Redhat changed the system software in 7, no longer using iptables as the firewall of the system, but using firewalld, but in order to be compatible with past commands, you can also use iptables to set up protection rules, but you have your own set at startup.

The solution is also simple.

First, consider follow's official idea of switching to firewalld. In fact, it can also be used to check some official documents.

However, I feel that I can continue to use the original iptables if there is no significant improvement. If you plan to continue using iptables, you can continue to do the following:

Back up the current rule

1 iptables-save > iptables.rules

Disable firewalld, install & enable iptables-services systemctl stop firewalld systemctl mask firewalld yum install iptables-services-y systemctl enable iptables

At this time, check the iptables and find that the rules have been emptied.

1 iptables-l-x-n

Restore the backed up rules

1 iptables-restore iptables.rules

Save the current rule

1 / usr/libexec/iptables/iptables .init save

If you use the minimize version of the installation, you may be prompted

Iptables: saving firewall rules to / etc/sysconfig/iptables: / etc/init.d/iptables: line 274: restorecon: command not found

This is because selinux is not installed and a component is missing. Just install policycoreutils.

1 yum install policycoreutils-y

Thank you for reading, the above is the content of "how to use iptables under CentOS7". After the study of this article, I believe you have a deeper understanding of how to use iptables under CentOS7, and the specific use needs to be verified in practice. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.