iptables

iptables

关注
发信
关注(28)粉丝(399)

编辑iptables防火墙,让80端口不工作

本文介绍了编辑iptables防火墙,让80端口不工作的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我已经配置我的/ etc / sysconfig中/ iptables文件接受端口80(非手工,但根据教程文件编辑得到正确的方式)。该文件看起来像:

I have configured my /etc/sysconfig/iptables file to accept port 80 (not manually, but the file got edited the correct way according to tutorials). The file looks like:

sy# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 5353 -d 224.0.0.251 -j ACCE$
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

根据我的教程(以及其他TUTS)行告诉端口80 -j ACCEPT应该做的伎俩,让80端口,但是禁用我的防火墙后才它的实际工作(危险..)。

According to my tutorial (and other tuts) the line telling port 80 -j ACCEPT should do the trick to enable port 80, but only after disabling my firewall it actually works (danger..).

我能做些什么来进一步编辑我的防火墙接受80端口?我只有通过SSH访问。

What can i do to edit my firewall further to accept port 80? I only have access through SSH.

-

我已经加入

-A INPUT -i eth0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -o eth0 -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT

我的表中删除

-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT

但没有做的伎俩。

but that did not do the trick.

推荐答案

我发现我的IPTables设置无关与firewalld。它完全忽略了(废话.. iptables的是另一种应用程序,使用不同的配置文件比firewalld)。

I found out that my IPTables settings had nothing to do with firewalld. It was completely ignored (duh.. iptables is another app, using different config files than firewalld).

我已经firewalld删除,并取得了iptables的默认防火墙。

I have removed firewalld, and made iptables the default firewall.

删除firewalld

Remove firewalld

安装(如果尚未安装)的iptables

install (if not installed already) iptables

修改的/ etc / sysconfig中/ iptables的

添加

-A INPUT -m状态--state NEW -m -p tcp的TCP --dport 80 -j ACCEPT ​​

执行以下命令(Fedora的,最有可能的所有红帽发行的):

execute the following command (fedora, most likely all redhat distro's):

# service iptables save

或执行以下命令(Debian的,Ubuntu的,最有可能所有的Debian发行版的)

or execute the following command (debian, ubuntu, most likely all debian distro's)

# /etc/init.d/iptables save

这篇关于编辑iptables防火墙,让80端口不工作的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

09-16 06:28
Powered by LMLPHP ©2024 iptables 0.003066