The following is a brief Linux firewall configuration tutorial, covering two commonly used firewall tools: iptables and firewalld.
iptables is one of the most commonly used firewall tools on Linux, and firewalld is the default firewall management tool used in CentOS 7 and its derivatives.
iptables firewall configuration:
View current firewall rules:
iptables -L -n
Clear the current firewall rules:
iptables -F
Allow inbound connections on specific ports:
iptables -A INPUT -p <protocol> --dport <port> -j ACCEPT
For example, to allow TCP port 80:
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
Allow inbound connections for specific IP address ranges:
iptables -A INPUT -s <IP address range> -j ACCEPT
For example, to allow connections from the 192.168.0.0/24 subnet:
iptables -A INPUT -s 192.168.0.0/24 -j ACCEPT
Block all other inbound connections (set the default policy of the INPUT chain to DROP):
iptables -P INPUT DROP
Save configuration:
service iptables save
firewalld firewall configuration:
View current firewall rules:
firewall-cmd --list-all
Allow inbound connections on specific ports:
firewall-cmd --zone=public --add-port=<port>/tcp --permanent
For example, to allow TCP port 80:
firewall-cmd --zone=public --add-port=80/tcp --permanent
Allow inbound connections for specific IP address ranges:
firewall-cmd --zone=public --add-source=<IP address range> --permanent
For example, to allow connections from the 192.168.0.0/24 subnet:
firewall-cmd --zone=public --add-source=192.168.0.0/24 --permanent
Block all other inbound connections (set the target of the public zone to DROP):
firewall-cmd --permanent --zone=public --set-target=DROP
Reload firewall configuration:
firewall-cmd --reload
The commands above are only common iptables and firewalld examples; modify and extend them to suit your own needs. Be careful when configuring a firewall so that it does not block legitimate traffic you need, and be sure to save and reload the configuration so that it takes effect. It is also recommended to back up the existing firewall rules before making changes, in case something goes wrong.
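The advice above (back up the rules, and make sure needed traffic is not blocked) can be checked before a ruleset is loaded. The script below is an added example, not part of the original tutorial: it reads a ruleset in iptables-save format and reports what the INPUT chain does with a new connection to a given port from an arbitrary source. The helper name input_verdict, the backup path and the sample ruleset are constructed for illustration, and only the -p, --dport, -s and -j options used in this tutorial are interpreted.

```shell
#!/bin/sh
# Added example: audit a ruleset in iptables-save format before loading it.
# Typical workflow (real commands, need root, not run here):
#   iptables-save > /root/iptables.backup      # back up the live rules
#   iptables-restore < /root/iptables.backup   # roll back if needed

# Constructed sample: the tutorial's rules as iptables-save would print them.
SAMPLE_RULES='*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -s 192.168.0.0/24 -j ACCEPT
COMMIT'

# input_verdict RULES PROTO PORT  (hypothetical helper)
# Prints what the filter table's INPUT chain does with a new connection to
# PROTO/PORT from an arbitrary source: the first matching rule wins,
# otherwise the chain policy applies. Rules limited to a source (-s) or
# using options not shown in the tutorial are skipped, so the answer is
# conservative.
input_verdict() {
    printf '%s\n' "$1" | awk -v proto="$2" -v port="$3" '
        /^\*/ { in_filter = ($1 == "*filter") }
        in_filter && $1 == ":INPUT" { policy = $2 }
        in_filter && $1 == "-A" && $2 == "INPUT" {
            p = ""; d = ""; s = ""; j = ""; other = 0
            for (i = 3; i <= NF; i++) {
                if ($i == "-p") p = $(++i)
                else if ($i == "--dport") d = $(++i)
                else if ($i == "-s") s = $(++i)
                else if ($i == "-m") ++i            # skip module name
                else if ($i == "-j") { j = $(++i); break }
                else other = 1
            }
            if (other || s != "") next
            if (j != "ACCEPT" && j != "DROP" && j != "REJECT") next
            if (p != "" && p != proto) next
            if (d != "" && d != port) next
            print j; found = 1; exit
        }
        END { if (!found) print policy }'
}

# Demo: port 80 is open to everyone, port 22 only to the allowed subnet.
for port in 80 22; do
    echo "tcp/$port from any source: $(input_verdict "$SAMPLE_RULES" tcp "$port")"
done
```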