Lao Zuo saw that many netizens still use CentOS7 version. For example, most of us still use the visual panel pagoda panel to build websites. If we use the visual panel to build the site environment, the firewall settings are relatively simple. We directly add the ports for release or restriction on the visual panel. Of course, Lao Zuo reminded us not to forget the settings of security groups on the server side. Some service providers must force the use of security groups.
In this article, Lao Zuo records the open port setting method of CentOS7 firewall, such as how we set some commonly used ports. Of course, this is set directly for the SHELL command on the server side. If we have direct visualization settings, we can use visualization directly. After CentOS 7.0, firewalld was used instead of iptables. Here, if we have two versions, we will set them separately.
netstat -ntpl
We can use this command to view the ports that have been opened, and then whether to open or close them.
First, CentOS7 firewall enable common port command
1. To install the Firewall command:
yum install firewalld firewalld-config
2. Firewall Open Common Port Command
firewall-cmd --zone=public --add-port=80/tcp --permanent firewall-cmd --zone=public --add-port=443/tcp --permanent firewall-cmd --zone=public --add-port=22/tcp --permanent firewall-cmd --zone=public --add-port=21/tcp --permanent firewall-cmd --zone=public --add-port=53/udp --permanent
For example, if we have a customized SSH port or a server portal WEB port, we need to release it separately.
3. Firewall Close Common Port Command
firewall-cmd --zone=public --remove-port=80/tcp --permanent firewall-cmd --zone=public --remove-port=443/tcp --permanent firewall-cmd --zone=public --remove-port=22/tcp --permanent firewall-cmd --zone=public --remove-port=21/tcp --permanent firewall-cmd --zone=public --remove-port=53/udp --permanent
We can also add interval ports in batch
firewall-cmd --zone=public --add-port=4400-4600/udp --permanent firewall-cmd --zone=public --add-port=4400-4600/tcp --permanent
4. Open firewall command
systemctl start firewalld.service
5. Restart firewall command
Firewall cmd -- reload or service firewall restart
6. To view the port list:
firewall-cmd --permanent --list-port
7. Disable firewall
systemctl stop firewalld
8. View Status
Systemctl status firewalld or firewall cmd -- state
Second, if you still use iptables
If our firewall still uses iptables, the command is slightly different.
1. View firewall status
service iptables status
2. Turn off the firewall temporarily
service iptables stop
3. Permanently close the firewall
chkconfig iptables off
4. Restart the firewall
service iptables restart
5. Open the specified port
vi /etc/sysconfig/iptables
Edit the file and add it.
Iptables - I INPUT - p tcp -- dport port number - j ACCEPT
Save Configuration
service iptables save
service iptables restart
service iptables restart
Only restart can it take effect.
In this way, the above is basically sorted into the configuration of the commonly used CentOS7 port firewall. Of course, the use of firewalls is not so far away, there are many things that can be used.
Scan the code to follow the official account
Get more news about webmaster circle!
Entrepreneurship, operation and new knowledge
