Shulou(Shulou.com)06/02 Report--

Linux If we just installed a good firewall port is not commonly used increase, that is, can not access, then how to increase the common port to the firewall through the state, we take port 80 as an example.

I have been learning Linux lately. Create an LNMP environment. Everything was fine during the test. Then restart Linux. The website cannot be opened again. The ultimate reason is that there is no port 80 rule in the firewall. The specific methods are as follows:

Configuring iptables firewall under CentOS is very necessary. Come and learn how to configure!, Other versions:

1. Open the iptables configuration file:

code is as follows

vi /etc/sysconfig/iptables

/etc/init.d/iptables status

The command queries whether port 80 is open. If not, it can be handled in two ways:

1. Modify vi /etc/sysconfig/iptables command to add make firewall open port 80

code is as follows

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT

2. Turn off/on/restart firewall

code is as follows

/etc/init.d/iptables stop #start #restart Restart

After adding the firewall rules, they look like this:

code is as follows

# Firewall configuration written by system-config-firewall # Manual customization of this file is not recommended. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state -state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -m state -state NEW -m tcp -p tcp -dport 22 -j ACCEPT -A INPUT -m state -state NEW -m tcp -p tcp -dport 80 -j ACCEPT -A INPUT -m state -state NEW -m tcp -p tcp -dport 3306 -j ACCEPT -A INPUT -j REJECT -reject-with icmp-host-prohibited -A FORWARD -j REJECT -reject-with icmp-host-prohibited COMMIT/etc/init.d/iptables restart

Plus, some friends like to do that.

code is as follows

vi /etc/sysconfig/iptables-A INPUT -m state -state NEW -m tcp -p tcp -dport 80 -j ACCEPT-A INPUT -m state -state NEW -m tcp -p tcp -dport 3306 -j ACCEPT

Test according to this method, discover when restarting firewall, report these two errors.

[root@localhost ~]# /etc/init.d/iptables restart iptables: clear firewall rules: [OK]iptables: Set chain to policy ACCEP: filter [OK]iptables: unloading modules: Bad argument `--state'Error occurred at line: 11Try `iptables-restore -h' or 'iptables-restore --help' for more information. [Failure]

This method didn't work, so I tried another way to add ports by command.

code is as follows

[root@centos httpd]# /sbin/iptables -I INPUT -p tcp --dport 80 -j ACCEPT[root@centos httpd]# /etc/rc.d/init.d/iptables save[root@centos httpd]# /etc/init.d/iptables restart

That's it. Check it out.

code is as follows

[root@centos httpd]# /etc/init.d/iptables status

summary

The above is all about this article about Linux in the firewall to open port 80 method example, I hope to help you. Interested friends can continue to refer to this site: Linux enterprise operation and maintenance personnel commonly used 150 commands to share, talk about Linux library files, etc., what questions can be left at any time, Xiaobian will reply to everyone in time.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.