Shulou(Shulou.com)06/01 Report--

Today, the editor will share with you the relevant knowledge points about how to manually add firewall ports in Linux. The content is detailed and the logic is clear. I believe most people still know too much about this knowledge, so share this article for your reference. I hope you can get something after reading this article.

Firewall profile: / etc/sysconfig/iptables

1. Use the command to check whether the port is open (the following figure shows that the firewall was not selected for installation)

[root@fullstack] # iptables-L-n Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination2. Clear firewall rules (existing rules may not be carried out)

[root@fullstack~] # iptables-F # clear all rule chains in the preset table filter [root@fullstack~] # iptables-X # clear the rules in the user-defined chain in the preset table filter [root@fullstack~] # / etc/rc.d/init.d/iptables save # restart [root@fullstack~] # service iptables restart # restart Firewall 3 next time after you save it. Set firewall rules

/ Note: if you log in to remote SSH, you should drop it when you enter the first command to enter. Because you have not set any rules, you can first turn off the firewall and then operate / / close the firewall / etc/init.d/iptables stop or service iptables stop [root@fullstack ~] # iptables-p INPUT DROP [root@fullstack ~] # iptables-p OUTPUT ACCEPT [root@fullstack ~] # iptables-p FORWARD DROP. This definition indicates that all requests beyond the two chain rules of iptables (INPUT and FORWARD) are discarded, and requests beyond OUTPUT rules can be accepted. That is, control the input and output at will.

4. Add port number

-A: specify the chain names-An and-I. Where-An is added to the end of the rule;-I can be inserted to the specified location. If there is no specified location, it is inserted into the first part of the rule by default-p: specify protocol type-d: specify destination address-dport: specify destination port (destination port destination port)-sport: specify source port (source port source port)

-s parameter is the source (that is, 192.168.1.2)

-j: specify the action type

[root@fullstack ~] # iptables-An INPUT-p tcp-- dport 80-j ACCEPT [root@fullstack ~] # iptables-An OUTPUT-p tcp-- dport 80-j ACCEPT [root@fullstack ~] # / etc/rc.d/init.d/iptables save [root@fullstack ~] # service iptables restart # restart the firewall so that an 80-port tcp connection is added to INPUT and OUTPUT. Finally, don't forget to save it.

5. Delete the port number

[root@singledb] # iptables-D INPUT-p tcp-- dport 443-j ACCEPT [root@singledb ~] # iptables-D OUTPUT-p tcp-- dport 443-j ACCEPT [root@singledb ~] # iptables-L-n [root@fullstack ~] # / etc/rc.d/init.d/iptables save [root@fullstack ~] # service iptables restart # restart the firewall above is all the content of the article "how to manually add firewall ports in Linux" Thank you for reading! I believe you will gain a lot after reading this article. The editor will update different knowledge for you every day. If you want to learn more knowledge, please pay attention to the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.