1.ä¿®æ¹æ件/etc/sysconfig/iptables
[root@bogon ~]# cd /etc/sysconfig/
[root@bogon sysconfig]# vi iptables
æ件å
容å¦ä¸ï¼æ³¨æ红è²ä¸è¡æ¯æ°å çï¼ç®çæ¯å¯¹å¤çå¼æ¾8080端å£
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
è¿è¡æåå®é
æ¯ä»ä¸ä¸è¡æ·è´ä¿®æ¹èæ¥ï¼å¨VIä¸æ·è´ä¸è¡ç¨yyï¼æ·è´å¤è¡ç¨yynï¼ç²è´´ç¨pãè¿ç®æ¹ä¾¿çã
2.å°iptablesæå¡éå¯ã
[root@bogon sysconfig]# service iptables restart
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: filter [ OK ]
Unloading iptables modules: [ OK ]
Applying iptables firewall rules: [ OK ]
Loading additional iptables modules: ip_conntrack_ftp [ OK ]
[root@bogon sysconfig]#
3.å¦è¥ä¸æ³ä¿®æ¹iptables表ï¼å¯ä»¥ç´æ¥è¾å
¥ä¸é¢å½ä»¤ï¼
# iptables -I INPUT -p tcp --dport 80 -j ACCEPT
温馨提示:答案为网友推荐,仅供参考