systemctl stop firewalld.service #停止firewall
systemctl disable firewalld.service #禁止firewall開機啟動
firewall-cmd --state #檢視預設防火牆狀態(關閉後顯示notrunning,開啟後顯示running)
vi/etc/sysconfig/iptables #編輯防火牆配置檔案
# sampleconfiguration for iptables service
# you can edit thismanually or use system-config-firewall
# please do not askus to add additional ports/services to this default configuration
:input accept [0:0]
:forward accept[0:0]
:output accept[0:0]
-a input -m state--state related,established -j accept
-a input -p icmp -jaccept
-a input -i lo -jaccept
-a input -p tcp -mstate --state new -m tcp --dport 22 -j accept
-a input -p tcp -m state --state new -m tcp --dport 80 -jaccept
-a input -p tcp -m state --state new -m tcp --dport 8080-j accept
-a input -j reject--reject-with icmp-host-prohibited
-a forward -jreject --reject-with icmp-host-prohibited
:wq! #儲存退出
