linux防火墙配置
2021/8/20 7:07:24
本文主要是介绍linux防火墙配置,对大家解决编程问题具有一定的参考价值,需要的程序猿们随着小编来一起学习吧!
1、Centos6:
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -A INPUT -s 192.168.200.178 -p all -j ACCEPT
iptables -A INPUT -s 192.168.200.195 -p all -j ACCEPT
iptables -A INPUT -s 192.168.200.180 -p all -j ACCEPT
iptables -A INPUT -s 172.16.17.71 -p all -j ACCEPT
iptables -A INPUT -s 172.16.17.72 -p all -j ACCEPT
iptables -A INPUT -s 172.16.21.6 -p all -j ACCEPT
iptables -A INPUT -s 2.0.1.0/16 -p all -j ACCEPT
iptables -P INPUT DROP 最后一步
2、Centos7配置:
#!/bin/bash
systemctl start firewalldsystemctl start firewalldsystemctl stop firewalld
systemctl status firewalld
systemctl start firewalld
--测试环境
firewall-cmd --set-default-zone=drop
firewall-cmd --permanent --zone=drop --add-service=https
firewall-cmd --permanent --zone=drop --add-service=http
firewall-cmd --permanent --zone=drop --add-service=ssh
firewall-cmd --permanent --zone=drop --add-protocol=icmp
firewall-cmd --permanent --zone=drop --add-masquerade
firewall-cmd --permanent --zone=drop --add-port=22/tcp
firewall-cmd --permanent --zone=drop --add-rich-rule="rule family="ipv4" source address="192.168.4.9" accept"
firewall-cmd --reload
#!/bin/bash
systemctl start firewalldsystemctl start firewalldsystemctl stop firewalld
systemctl status firewalld
systemctl start firewalld
--正式环境
firewall-cmd --set-default-zone=drop
firewall-cmd --permanent --zone=drop --add-service=https
firewall-cmd --permanent --zone=drop --add-service=http
firewall-cmd --permanent --zone=drop --add-service=ssh
firewall-cmd --permanent --zone=drop --add-protocol=icmp
firewall-cmd --permanent --zone=drop --add-masquerade
firewall-cmd --permanent --zone=drop --add-port=22/tcp
firewall-cmd --permanent --zone=drop --add-rich-rule="rule family="ipv4" source address="192.168.133.39" accept"
firewall-cmd --permanent --zone=drop --add-rich-rule="rule family="ipv4" source address="192.168.133.40" accept"
firewall-cmd --permanent --zone=drop --add-rich-rule="rule family="ipv4" source address="192.168.133.41" accept"
firewall-cmd --permanent --zone=drop --add-rich-rule="rule family="ipv4" source address="192.168.133.42" accept"
firewall-cmd --reload
这篇关于linux防火墙配置的文章就介绍到这儿,希望我们推荐的文章对大家有所帮助,也希望大家多多支持为之网!
- 2024-09-11Linux部署Scrapy学习:入门级指南
- 2024-09-11Linux部署Scrapy:入门级指南
- 2024-08-21【Linux】分区向左扩容的方法
- 2024-08-21【Linux】gnome桌面环境切换KDE Plasma
- 2024-08-19如何安装 VMware Tools (macOS, Linux, Windows)
- 2024-08-15Linux部署Scrapy教程:入门级指南
- 2024-07-29linux命令行下好用的性能监控工具atop
- 2024-07-04Linux系统上离线升级SSH服务的具体操作步骤-icode9专业技术文章分享
- 2024-06-0600-macOS和Linux安装和管理多个Python版本
- 2024-03-30[译]漫画SELinux概念