搜索到
13
篇与
的结果
-
iptables指定端口IP白名单 通过设置ip白名单,阻止特殊端口被ip之外的服务访问,例如22端口,提高系统安全性,这里值得注意的是从centos7开始,防火墙默认使用的是firewall,不再是iptables。1、在tcp协议中,禁止所有的ip访问本机的22端口。iptables -I INPUT -p tcp --dport 22 -j DROP2、允许192.168.1.123访问本机的22端口iptables -I INPUT -s 192.168.1.123 -p tcp --dport 22 -j ACCEPT3、允许192.168.1.124访问本机的22端口iptables -I INPUT -s 192.168.1.124 -p tcp --dport 22 -j ACCEPT重启防火墙service iptables restart测试成功后保存配置,linux重启后仍能生效service iptables save临时关闭防火墙service iptables stop永久关闭iptablessudo iptables-save > /etc/sysconfig/iptables -
-
-
服务器安装Cockpit在Web管理服务器 在 Web 浏览器中查看服务器,然后直接用鼠标执行系统任务。启动容器,管理存储,配置网络和检查日志都非常容易。开启 Cockpit 功能CentOS 8systemctl enable cockpit.socketssystemctl start cockpit.socketCentOS7yum install cockpitsystemctl start cockpitsystemctl enable cockpit.socket开放防火墙sudo firewall-cmd --permanent --zone=public --add-service=cockpitsudo firewall-cmd --reloadCockpit控制面板地址https://ip:9090阿里云、谷歌云、亚马逊之类的云服务器记得放行 9090 端口。
-
CentOS7安装设置firewalld防火墙教程 一、安装Firewalldyum install firewalld -y二、启动和设置开机启动systemctl enable firewalldsystemctl start firewalld三、设置常规端口放行firewall-cmd –permanent –zone=public –add-port=21/tcpfirewall-cmd –permanent –zone=public –add-port=22/tcpfirewall-cmd –permanent –zone=public –add-port=80/tcpfirewall-cmd –permanent –zone=public –add-port=8888/tcpfirewall-cmd –permanent –zone=public –add-port=888/tcp四、常规的命令功能查看状态systemctl status firewalld重启防火墙systemctl restart firewalld.service启动systemctl start firewalld查看状态systemctl status firewalld停止关闭systemctl disable firewalldsystemctl stop firewalld开机禁用systemctl disable firewalld查看启动失败列表systemctl –failed查看版本firewall-cmd –version查看状态firewall-cmd –state查看所有端口firewall-cmd –zone=public –list-ports查看80端口firewall-cmd –zone=public –query-port=80/tcp重新载入配置生效firewall-cmd –reload拒绝所有包拒绝所有firewall-cmd –panic-on取消拒绝状态firewall-cmd –panic-off查看是否拒绝firewall-cmd –query-panic
