标签:iptables 开放 commit off sysconfig nat cal class lis
# 安装iptables-services [root@localhost bin]# yum install iptables-services [root@localhost bin]# /bin/systemctl status iptables.service # 临时开放端口 [root@localhost sysconfig]# iptables -I INPUT -p tcp --dport 8080 -j ACCEPT # 重启iptables临时端口失效 [root@localhost sysconfig]# /bin/systemctl restart iptables iptables.service [root@localhost sysconfig]# vi /etc/sysconfig/iptables ====================================================================================== # Generated by iptables-save v1.4.21 on Fri May 5 12:59:45 2017 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [27:2044] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT # Completed on Fri May 5 12:59:45 2017 # Generated by iptables-save v1.4.21 on Fri May 5 12:59:45 2017 *nat :PREROUTING ACCEPT [81:4944] :INPUT ACCEPT [1:92] :OUTPUT ACCEPT [3:228] :POSTROUTING ACCEPT [3:228] COMMIT # Completed on Fri May 5 12:59:45 2017 ====================================================================================== # -A INPUT -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT # 8080端口永久生效 [root@localhost sysconfig]# /bin/systemctl restart iptables iptables.service [root@localhost sysconfig]# lsof -i:8080 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME java 15665 sony 48u IPv6 53192 0t0 TCP *:webcache (LISTEN) # telnet 192.168.1.106 8080
标签:iptables 开放 commit off sysconfig nat cal class lis
原文地址:http://www.cnblogs.com/xiongjiajia/p/6812532.html
