iptables -version/etc/init.d/iptables statuschkconfig iptables on
chkconfig iptables offservice iptables stop
service iptables start
service iptables restartiptables -I INPUT -i eth0 -p tcp --dport 80 -j ACCEPT
iptables -I OUTPUT -o eth0 -p tcp --sport 80 -j ACCEPT
/etc/rc.d/init.d/iptables save
iptables -I INPUT -i eth0 -p tcp --dport 80 -j DROP
iptables -I OUTPUT -o eth0 -p tcp --sport 80 -j DROP
/etc/rc.d/init.d/iptables savesystemctl start firewalld.service
systemctl stop firewalld.service
systemctl restart firewalld.servicesystemctl status firewalld.servicesystemctl enable firewalld.service
systemctl disable firewalld.servicesystemctl is-enabled firewalld.service;echo $?
systemctl list-unit-files | grep enabledfirewall-cmd --zone=public --list-portssudo firewall-cmd --zone=public --add-port=80/tcp --permanent
sudo firewall-cmd --reload若不使用“--permanent”, 则防火墙规则在重启后会失效.
sudo firewall-cmd --zone=public --remove-port=80/tcp --permanent
sudo firewall-cmd --reload
若不使用“--permanent”, 则防火墙规则在重启后会失效.
apt install ufwufw versionufw enable
ufw disableufw default allow/deny
ufw statussudo ufw allow [service]
sudo ufw deny [service]例如: sudo ufw allow ssh表明: 允许所有的外部IP访问本机的22/tcp(ssh)端口
sudo ufw allow 22
sudo ufw deny 22ufw allow from 122.168.254.254 to any
ufw deny from 122.168.254.254 to anyufw allow from 122.168.254.254 to any port 80
ufw deny from 122.168.254.254 to any port 80sudo ufw status numbered
# 会显示防火墙的已有规则并编号
Status: active
To Action From
-- ------ ----
[ 1] Nginx HTTP ALLOW IN Anywhere
[ 2] OpenSSH ALLOW IN Anywhere
[ 3] Nginx HTTP (v6) ALLOW IN Anywhere (v6)
[ 4] OpenSSH (v6) ALLOW IN Anywhere (v6)sudo ufw delete 3版权声明:本文内容由互联网用户自发贡献,版权归作者所有linux常用命令,本社区不拥有所有权linux常用命令,也不承担相关法律责任。如果您发现本社区中有涉嫌抄袭的内容,欢迎发送邮件至:yqgroup@service.aliyun.com进行举报,并提供相关证据,一经查实,本社区将立刻删除涉嫌侵权内容。
上一个教程:linux常用命令大全(精心整理
下一个教程:linux的常用命令(实时更新)
