CentOS 7.1配置防火墙

// 查看 firewalld

[root@wode006 sysconfig]# systemctl status firewalld.service

firewalld.service - firewalld - dynamic firewall daemon

Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)

Active:active (running)since 四 2015-07-02 15:19:05 CST; 1 day 10h ago

Main PID: 901 (firewalld)

CGroup: /system.slice/firewalld.service

└─901 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid

7月 02 15:19:04 wode006 systemd[1]: Starting firewalld - dynamic firewall .....

7月 02 15:19:05 wode006 systemd[1]: Started firewalld - dynamic firewall d...n.

Hint: Some lines were ellipsized, use -l to show in full.

[root@wode006 sysconfig]#

// 关闭 firewalld

[root@wode006 sysconfig]# systemctl stop firewalld.service

[root@wode006 sysconfig]# systemctl status firewalld.service

firewalld.service - firewalld - dynamic firewall daemon

Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)

Active: inactive (dead) since 六 2015-07-04 01:29:24 CST; 2s ago

Main PID: 901 (code=exited, status=0/SUCCESS)

7月 02 15:19:04 wode006 systemd[1]: Starting firewalld - dynamic firewall .....

7月 02 15:19:05 wode006 systemd[1]: Started firewalld - dynamic firewall d...n.

7月 04 01:29:23 wode006 systemd[1]: Stopping firewalld - dynamic firewall .....

7月 04 01:29:24 wode006 systemd[1]: Stopped firewalld - dynamic firewall d...n.

Hint: Some lines were ellipsized, use -l to show in full.

[root@wode006 sysconfig]#

// 禁止开机启动 firewalld

[root@wode006 sysconfig]# systemctl disable firewalld.service

rm '/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service'

rm '/etc/systemd/system/basic.target.wants/firewalld.service'

[root@wode006 sysconfig]# systemctl status firewalld.service

firewalld.service - firewalld - dynamic firewall daemon

Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled)

Active: inactive (dead)

7月 02 15:19:04 wode006 systemd[1]: Starting firewalld - dynamic firewall .....

7月 02 15:19:05 wode006 systemd[1]: Started firewalld - dynamic firewall d...n.

7月 04 01:29:23 wode006 systemd[1]: Stopping firewalld - dynamic firewall .....

7月 04 01:29:24 wode006 systemd[1]: Stopped firewalld - dynamic firewall d...n.

Hint: Some lines were ellipsized, use -l to show in full.

[root@wode006 sysconfig]#

// 安装 iptables

[root@wode006 sysconfig]# yum install iptables-services

已加载插件：fastestmirror, langpacks

Repository base is listed more than once in the configuration

Repository updates is listed more than once in the configuration

Repository extras is listed more than once in the configuration

Repository centosplus is listed more than once in the configuration

Repository base is listed more than once in the configuration

Repository updates is listed more than once in the configuration

Repository extras is listed more than once in the configuration

Repository centosplus is listed more than once in the configuration

Loading mirror speeds from cached hostfile

正在解决依赖关系

--> 正在检查事务

---> 软件包 iptables-services.x86_64.0.1.4.21-13.el7 将被 安装

--> 解决依赖关系完成

// 配置 iptables

[root@wode006 sysconfig]# vi /etc/sysconfig/iptables

[root@wode006 sysconfig]#

# allowed ssh

-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT

// 重启防火墙

[root@wode006 sysconfig]# service iptables restart

Redirecting to /bin/systemctl restart iptables.service

[root@wode006 sysconfig]# systemctl restart iptables.service

[root@wode006 sysconfig]#