Home > Computer Tutorials > Computer Knowledge > Detailed tutorial on Linux firewall configuration (iptables and firewalld).

Detailed tutorial on Linux firewall configuration (iptables and firewalld).

WBOY
Release: 2024-02-19 12:36:02
forward
699 people have browsed it

Linux 防火墙配置(iptables和firewalld)详细教程。

The following is a brief Linux firewall configuration tutorial, covering two commonly used firewall tools: iptables and firewalld.

iptables is one of the most commonly used firewall tools on Linux, and firewalld is the default firewall management tool used in CentOS 7 and its derivatives.

iptables firewall configuration:

  1. View current firewall rules:

    iptables -L -n
    Copy after login
  2. Clear the current firewall rules:

    iptables -F
    Copy after login
  3. Allow inbound connections on specific ports:

    iptables -A INPUT -p <协议> --dport <端口号> -j ACCEPT
    Copy after login

    For example, allow port 80 of TCP protocol:

    iptables -A INPUT -p tcp --dport 80 -j ACCEPT
    Copy after login
  4. Allow inbound connections for specific IP address ranges:

    iptables -A INPUT -s <IP地址/子网掩码> -j ACCEPT
    Copy after login

    For example, to allow connections from the 192.168.0.0/24 subnet:

    iptables -A INPUT -s 192.168.0.0/24 -j ACCEPT
    Copy after login
  5. Block all inbound connections:

    iptables -P INPUT DROP
    Copy after login
  6. Save configuration:

    service iptables save
    Copy after login

firewalld firewall configuration:

  1. View current firewall rules:

    firewall-cmd --list-all
    Copy after login
  2. Allow inbound connections on specific ports:

    firewall-cmd --zone=public --add-port=<端口号>/tcp --permanent
    Copy after login

    For example, allow port 80 of TCP protocol:

    firewall-cmd --zone=public --add-port=80/tcp --permanent
    Copy after login
  3. Allow inbound connections for specific IP address ranges:

    firewall-cmd --zone=public --add-source=<IP地址/子网掩码> --permanent
    Copy after login

    For example, to allow connections from the 192.168.0.0/24 subnet:

    firewall-cmd --zone=public --add-source=192.168.0.0/24 --permanent
    Copy after login
  4. Block all inbound connections:

    firewall-cmd --zone=public --set-default=drop
    Copy after login
  5. Reload firewall configuration:

    firewall-cmd --reload
    Copy after login

The above are just some common iptables and firewalld command examples, you can modify and extend them according to your own needs. Please note that you must be careful when configuring your firewall to ensure it is not blocking the legitimate traffic you need, and be sure to save and load the configuration for it to take effect. In addition, it is recommended to back up existing firewall rules before configuring the firewall to prevent unexpected situations.

The above is the detailed content of Detailed tutorial on Linux firewall configuration (iptables and firewalld).. For more information, please follow other related articles on the PHP Chinese website!

source:mryunwei.com
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template