linux防火墙配置

2021/8/20 7:07:24

编程Tag： 配置 cmd linux drop add 防火墙 -- zone permanent

本文主要是介绍linux防火墙配置，对大家解决编程问题具有一定的参考价值，需要的程序猿们随着小编来一起学习吧！

1、Centos6:

iptables -P OUTPUT ACCEPT

iptables -P FORWARD ACCEPT

iptables -A INPUT -s 192.168.200.178 -p all -j ACCEPT

iptables -A INPUT -s 192.168.200.195 -p all -j ACCEPT

iptables -A INPUT -s 192.168.200.180 -p all -j ACCEPT

iptables -A INPUT -s 172.16.17.71 -p all -j ACCEPT

iptables -A INPUT -s 172.16.17.72 -p all -j ACCEPT

iptables -A INPUT -s 172.16.21.6 -p all -j ACCEPT

iptables -A INPUT -s 2.0.1.0/16 -p all -j ACCEPT

iptables -P INPUT DROP 最后一步

2、Centos7配置：

#!/bin/bash

systemctl start firewalldsystemctl start firewalldsystemctl stop firewalld
systemctl status firewalld
systemctl start firewalld

--测试环境
firewall-cmd --set-default-zone=drop

firewall-cmd --permanent --zone=drop --add-service=https
firewall-cmd --permanent --zone=drop --add-service=http
firewall-cmd --permanent --zone=drop --add-service=ssh
firewall-cmd --permanent --zone=drop --add-protocol=icmp
firewall-cmd --permanent --zone=drop --add-masquerade
firewall-cmd --permanent --zone=drop --add-port=22/tcp

firewall-cmd --permanent --zone=drop --add-rich-rule="rule family="ipv4" source address="192.168.4.9" accept"
firewall-cmd --reload

#!/bin/bash

systemctl start firewalldsystemctl start firewalldsystemctl stop firewalld
systemctl status firewalld
systemctl start firewalld

--正式环境

firewall-cmd --set-default-zone=drop

firewall-cmd --permanent --zone=drop --add-rich-rule="rule family="ipv4" source address="192.168.133.39" accept"
firewall-cmd --permanent --zone=drop --add-rich-rule="rule family="ipv4" source address="192.168.133.40" accept"
firewall-cmd --permanent --zone=drop --add-rich-rule="rule family="ipv4" source address="192.168.133.41" accept"
firewall-cmd --permanent --zone=drop --add-rich-rule="rule family="ipv4" source address="192.168.133.42" accept"

firewall-cmd --reload

这篇关于linux防火墙配置的文章就介绍到这儿，希望我们推荐的文章对大家有所帮助，也希望大家多多支持为之网！

linux防火墙配置

相关编程文章