How to modify the firewall configuration on a Linux system

Time:2020-10-13

This article shows how to modify the firewall configuration of a Linux system, walking through the example configuration and commands in detail.

To change the firewall configuration of a Linux system, edit the file /etc/sysconfig/iptables:


vim /etc/sysconfig/iptables

In the vim editor, you will see content like the following:


# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 2181 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

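To open a port, add a line like the following. Place it above the "-A INPUT -j REJECT" line, because rules are evaluated in order and a rule placed after the REJECT is never reached:


 -A INPUT -m state --state NEW -m tcp -p tcp --dport 1521 -j ACCEPT

1521 is the port number to be opened. The chain name after -A must be one that your file declares: the file shown above uses INPUT, while some older files use a chain named RH-Firewall-1-INPUT instead. After saving the file, restart the firewall service.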
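An added example (not from the original article): a small Python check for a rules file in the format shown above. It flags rules placed after a chain's unconditional REJECT/DROP line, which are never reached, and rules appended to a chain the file does not declare. The sample input is constructed, and `lint_rules` and `BUILTIN` are hypothetical names.

```python
# Added example: lint an iptables rules file (hypothetical helper, constructed input).
BUILTIN = {"INPUT", "FORWARD", "OUTPUT", "PREROUTING", "POSTROUTING"}

# Constructed sample: the article's file, shortened, with port 1521 added two wrong ways.
SAMPLE = """\
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -m state --state NEW -m tcp -p tcp --dport 1521 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 1521 -j ACCEPT
COMMIT
"""


def lint_rules(text):
    """Return [(line_no, message)] for rules that cannot take effect."""
    declared = set(BUILTIN)   # chains usable in the current table
    closed = {}               # chain -> line number of its catch-all REJECT/DROP
    problems = []
    for no, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if line.startswith("*"):            # a new table starts: reset state
            declared, closed = set(BUILTIN), {}
        elif line.startswith(":"):          # ':CHAIN POLICY [packets:bytes]'
            declared.add(line[1:].split()[0])
        elif line.startswith("-A "):
            args = line.split()
            chain = args[1]
            if chain not in declared:
                problems.append((no, f"chain {chain} is not declared in this file"))
                continue
            if chain in closed:
                problems.append(
                    (no, f"never reached: follows the catch-all on line {closed[chain]}"))
            # '-A CHAIN -j REJECT|DROP' with no match options catches every packet.
            if len(args) >= 4 and args[2] == "-j" and args[3] in ("REJECT", "DROP"):
                closed.setdefault(chain, no)
    return problems


if __name__ == "__main__":
    for line_no, message in lint_rules(SAMPLE):
        print(f"line {line_no}: {message}")
```

Run it against a copy of the edited file before restarting the service, so an unreachable or misplaced rule is caught while the old rule set is still loaded.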

Commands to stop / start the firewall service under Linux (run as the root user):

service iptables stop     # stop
service iptables start    # start

In summary:

# Takes effect permanently and is not reverted after a reboot
chkconfig iptables on     # enable
chkconfig iptables off    # disable

# Takes effect immediately, but is reverted after a reboot
service iptables start    # start
service iptables stop     # stop
