CentOS 7

On CentOS 7, firewall-cmd is used to maintain the firewall.

List All Rules

    firewall-cmd --list-all

Allow a port

This example allows a TCP port through the firewall, for all network interfaces in the "public" zone:

    firewall-cmd --zone=public --add-port=3306/tcp --permanent

This example allows a UDP port through the firewall, for all network interfaces in the "public" zone:

    firewall-cmd --zone=public --add-port=20202/udp --permanent

Delete a rule

    firewall-cmd --zone=public --remove-port=3306/tcp --permanent

Reload the firewall

This makes the port changes active:

    firewall-cmd --reload

If port changes are specified without the --permanent flag, they will be active, but not permanent. The following command makes them permanent:

    firewall-cmd --runtime-to-permanent

CentOS 6

On CentOS 6, iptables is used to maintain the firewall.

Caution: iptables is cryptic and sometimes rather stupid. In particular, it will add multiple rules for the same port, and does not check if the port is already open.

List All Rules

    iptables -L -n

The -n option causes the ports to be listed numerically.

Alternatively:

    iptables-save > iptables_rules
    less iptables_rules

This method is particularly useful for cleaning up duplicated rules.

Allow a port

This example allows a TCP port through the firewall:

    iptables -I INPUT 4 -p tcp -m tcp --dport 3306 -j ACCEPT
    service iptables save

This example allows a UDP port through the firewall, for all network interfaces:

    iptables -I INPUT 4 -p udp -m udp --dport 20202 -j ACCEPT
    service iptables save

Reload the firewall

This makes the port changes permanent:

    service iptables save

Delete a rule

The simplest way to delete rules in iptables is to save and restore the configuration.

First, save the rules:

    iptables-save > iptables_rules

Now edit the rules:

    vi iptables_rules

Now restore the rules, with the changes made, and make them permanent:

    iptables-restore < iptables_rules
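
The CentOS 6 caution above (iptables adds the same rule repeatedly and never checks whether a port is already open) can be handled on the saved dump before it is restored. The script below is an added example, not part of the original page; the function names, the `iptables_rules.clean` file name and the sample dump are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: clean an iptables-save dump before iptables-restore.

# dedupe_rules: read an iptables-save dump on stdin and write it to stdout
# with repeated "-A ..." lines dropped. The first occurrence keeps its
# position, so rule order (evaluated top to bottom) is unchanged.
dedupe_rules() {
    awk '
        /^\*/  { split("", seen) }   # new table (*filter, *nat): reset
        /^-A / { if ($0 in seen) next; seen[$0] = 1 }
               { print }
    '
}

# port_is_open PROTO PORT: succeed if the dump on stdin already has an
# ACCEPT rule in INPUT for that protocol and single destination port
# (multiport and port-range rules are not recognised).
port_is_open() {
    grep -Eq -- "^-A INPUT .*-p $1 .*--dport $2 .*-j ACCEPT"
}

# Constructed sample dump in which the 3306/tcp rule was added twice.
sample_dump() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT
-A INPUT -p udp -m udp --dport 20202 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# Typical use on the host (as root):
#   iptables-save > iptables_rules
#   dedupe_rules < iptables_rules > iptables_rules.clean
#   iptables-restore < iptables_rules.clean && service iptables save
```

Running `port_is_open tcp 3306 < iptables_rules` before an `iptables -I` avoids creating the duplicate in the first place.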