
Opening a Specific Port in a Linux VPS Firewall

Software · Servers · 楚盟

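The default FTP port is 21, the default SSH port is 22, the default MySQL port is 3306 and the default web port is 80; these ports are all open by default.

When carrying out certain tasks you will need to change a port and open a new port in the firewall to let the traffic through.

On Linux servers, the distribution I use most is CentOS. I just looked up some material and tested this on an overseas server, opening port 3308.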

Opening ports 80/22 in the CentOS firewall

vim /etc/sysconfig/iptables

# Allow port 80 through the firewall
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
# Allow port 3306 through the firewall
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT

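Special note: many readers add these two rules as the last lines of the firewall configuration, which causes the firewall to fail to start. The correct place is directly below the rule for the default port 22.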

/etc/init.d/iptables status

View the firewall status and confirm that ports 22 and 80 are open.

/etc/rc.d/init.d/iptables save

Save the firewall rules.

service iptables restart

Restart the firewall so that it reloads and applies the new port rules.
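The placement rule from the special note, as an added example that is not part of the original post: it inserts the ACCEPT rule directly below the port-22 rule in a copy of the rules file and checks that the rule sits before the catch-all REJECT and before COMMIT. The sample file, the function names and the choice of port 3308 are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example, not from the post; edits a copy, never the live firewall.

# Constructed sample modelled on a stock CentOS /etc/sysconfig/iptables.
sample_rules() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# Print FILE ($1) with an ACCEPT rule for TCP PORT ($2) directly below the
# port-22 rule. Returns 1 if there is no port-22 rule, 2 on a bad port.
add_port_rule() {
    case $2 in ''|*[!0-9]*) return 2 ;; esac
    [ "$2" -ge 1 ] && [ "$2" -le 65535 ] || return 2
    rule="-A INPUT -m state --state NEW -m tcp -p tcp --dport $2 -j ACCEPT"
    # Already present: print the file unchanged so re-running is harmless.
    if grep -qxF -e "$rule" "$1"; then cat "$1"; return 0; fi
    awk -v rule="$rule" '
        { print }
        !done && /^-A INPUT / && /--dport 22 / && /-j ACCEPT/ { print rule; done = 1 }
        END { exit !done }' "$1"
}

# Succeed only if PORT's ACCEPT rule is in *filter before the catch-all
# INPUT REJECT/DROP and before COMMIT, i.e. where it can actually match.
rule_is_reachable() {
    awk -v port="$2" '
        /^\*/ { in_filter = ($0 == "*filter") }
        !in_filter { next }
        /^COMMIT/ || /^-A INPUT -j (REJECT|DROP)/ { exit }
        /^-A INPUT / && /-j ACCEPT/ && index($0, "--dport " port " ") { ok = 1; exit }
        END { exit !ok }' "$1"
}

# Demo on the constructed sample, using port 3308 as in the post's log.
demo=$(mktemp) && sample_rules > "$demo"
add_port_rule "$demo" 3308 > "$demo.new" && rule_is_reachable "$demo.new" 3308 &&
    echo "3308 rule sits before REJECT/COMMIT"
rm -f "$demo" "$demo.new"
```

On a real host, an edited file can be parsed without being applied using `iptables-restore --test < /etc/sysconfig/iptables` before the restart. Note that `/etc/rc.d/init.d/iptables save` writes the running rules back into that file, so it fits the runtime `iptables -I` flow shown in the log rather than a hand edit that has not been loaded yet.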

Stop the firewall service

/etc/init.d/iptables stop

Permanently disable the firewall

chkconfig --level 35 iptables off

Operation log attached:

[root@default ~]# /sbin/iptables -I INPUT -p tcp --dport 3308 -j ACCEPT
[root@default ~]# /etc/init.d/iptables status
Table: raw
Chain PREROUTING (policy ACCEPT)
num  target     prot opt source               destination
Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination
Table: nat
Chain PREROUTING (policy ACCEPT)
num  target     prot opt source               destination
Chain POSTROUTING (policy ACCEPT)
num  target     prot opt source               destination
Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination
Table: mangle
Chain PREROUTING (policy ACCEPT)
num  target     prot opt source               destination
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination
Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination
Chain POSTROUTING (policy ACCEPT)
num  target     prot opt source               destination
Table: filter
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:3308
Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination
Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination
[root@default ~]# /etc/rc.d/init.d/iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[  OK  ]
[root@default ~]# service iptables restart
iptables: Setting chains to policy ACCEPT: raw nat mangle f[  OK  ]
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Unloading modules:                               [  OK  ]
iptables: Applying firewall rules:                         [  OK  ]
[root@default ~]#

When reposting, please credit: 楚盟网 » Opening a Specific Port in a Linux VPS Firewall
