Home > Article > Operation and Maintenance > How to use a firewall to set up network transmission security for CentOS servers
How to use a firewall to set up network transmission security for CentOS servers
The firewall is one of the important components in server security. It can help us filter out malicious network traffic and protect the server from intrusions and attacks. This article will introduce how to use a firewall to set up network transmission security for CentOS servers, and attach code examples.
sudo systemctl status firewalld
If the output shows "active (running)", it means the firewall is enabled; if the output shows "inactive (dead)", it means the firewall Not Enabled.
sudo systemctl start firewalld
sudo firewall-cmd --set-default-zone=public sudo firewall-cmd --permanent --zone=public --remove-service=dhcpv6-client sudo firewall-cmd --permanent --zone=public --remove-service=dhcpv6-server sudo firewall-cmd --reload
The above command will set the default firewall zone to "public" and remove the services related to the DHCPv6 client and server.
sudo firewall-cmd --permanent --zone=public --add-port=80/tcp sudo firewall-cmd --permanent --zone=public --add-port=80/udp sudo firewall-cmd --reload
The above command will permanently open port 80, supporting TCP and UDP protocols.
sudo firewall-cmd --permanent --zone=public --remove-port=22/tcp sudo firewall-cmd --permanent --zone=public --remove-port=22/udp sudo firewall-cmd --reload
The above command will permanently block the TCP and UDP protocols of port 22.
sudo firewall-cmd --permanent --zone=public --add-rich-rule="rule family='ipv4' source address='192.168.0.10' port protocol='tcp' port='3306' accept" sudo firewall-cmd --reload
The above command will permanently allow the host with the IP address 192.168.0.10 to access the server's 3306 port.
sudo firewall-cmd --zone=public --list-all
The above command will display the current "public" All firewall rules for the zone.
Summary:
This article introduces how to use a firewall to set up network transmission security for CentOS servers. By setting firewall rules, opening required ports, blocking unnecessary ports, and configuring complex rules, we can enhance the network security of the server. Please select appropriate firewall rules based on actual needs, and check whether the rules take effect after the configuration is completed.
The above is the detailed content of How to use a firewall to set up network transmission security for CentOS servers. For more information, please follow other related articles on the PHP Chinese website!