centos7 配置iptables 开放80端口
来源:互联网 发布:日本人的审美标准知乎 编辑:程序博客网 时间:2024/06/05 02:58
因为最近在学习PHP,安装了PHP和apache之后,写的一些脚本在本机上一直都可以访问,单纯的为了学习PHP就没有太在意其它电脑能不能访问的问题,认为那是理所当然的可以,当时今晚在宿舍试了一下,神奇的发现竟然不可以,咋办,只能去网上找解决办法,有人就说是因为防火墙没有开放了80端口,于是就把防火关了,果然可以访问了。接下来就是配置方后墙iptables文件,将80端口开放即可,可是问题来了,由于新版的centos与以往有所不同,搞了一两个小时,也没搞好,后来发现iptables的22号端口是开放的,就灵机一动,看了下22号端口开放的配置文件是咋写的,将其复制下来,把22改成80即可。测试,果然可以。这里附上相关配置文件。
# Generated by iptables-save v1.4.21 on Sun Dec 14 22:43:19 2014
*nat
:PREROUTING ACCEPT [17363:2059568]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [341:21143]
:POSTROUTING ACCEPT [341:21143]
:OUTPUT_direct - [0:0]
:POSTROUTING_ZONES - [0:0]
:POSTROUTING_ZONES_SOURCE - [0:0]
:POSTROUTING_direct - [0:0]
:POST_public - [0:0]
:POST_public_allow - [0:0]
:POST_public_deny - [0:0]
:POST_public_log - [0:0]
:PREROUTING_ZONES - [0:0]
:PREROUTING_ZONES_SOURCE - [0:0]
:PREROUTING_direct - [0:0]
:PRE_public - [0:0]
:PRE_public_allow - [0:0]
:PRE_public_deny - [0:0]
:PRE_public_log - [0:0]
-A PREROUTING -j PREROUTING_direct
-A PREROUTING -j PREROUTING_ZONES_SOURCE
-A PREROUTING -j PREROUTING_ZONES
-A OUTPUT -j OUTPUT_direct
-A POSTROUTING -j POSTROUTING_direct
-A POSTROUTING -j POSTROUTING_ZONES_SOURCE
-A POSTROUTING -j POSTROUTING_ZONES
-A POSTROUTING_ZONES -o enp3s0 -g POST_public
-A POSTROUTING_ZONES -g POST_public
-A POST_public -j POST_public_log
-A POST_public -j POST_public_deny
-A POST_public -j POST_public_allow
-A PREROUTING_ZONES -i enp3s0 -g PRE_public
-A PREROUTING_ZONES -g PRE_public
-A PRE_public -j PRE_public_log
-A PRE_public -j PRE_public_deny
-A PRE_public -j PRE_public_allow
COMMIT
# Completed on Sun Dec 14 22:43:19 2014
# Generated by iptables-save v1.4.21 on Sun Dec 14 22:43:19 2014
*mangle
:PREROUTING ACCEPT [20955:3125481]
:INPUT ACCEPT [4577:1149719]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1985:262558]
:POSTROUTING ACCEPT [1985:262558]
:FORWARD_direct - [0:0]
:INPUT_direct - [0:0]
:OUTPUT_direct - [0:0]
:POSTROUTING_direct - [0:0]
:PREROUTING_ZONES - [0:0]
:PREROUTING_ZONES_SOURCE - [0:0]
:PREROUTING_direct - [0:0]
:PRE_public - [0:0]
:PRE_public_allow - [0:0]
:PRE_public_deny - [0:0]
:PRE_public_log - [0:0]
-A PREROUTING -j PREROUTING_direct
-A PREROUTING -j PREROUTING_ZONES_SOURCE
-A PREROUTING -j PREROUTING_ZONES
-A INPUT -j INPUT_direct
-A FORWARD -j FORWARD_direct
-A OUTPUT -j OUTPUT_direct
-A POSTROUTING -j POSTROUTING_direct
-A PREROUTING_ZONES -i enp3s0 -g PRE_public
-A PREROUTING_ZONES -g PRE_public
-A PRE_public -j PRE_public_log
-A PRE_public -j PRE_public_deny
-A PRE_public -j PRE_public_allow
COMMIT
# Completed on Sun Dec 14 22:43:19 2014
# Generated by iptables-save v1.4.21 on Sun Dec 14 22:43:19 2014
*security
:INPUT ACCEPT [1595:907303]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1985:262558]
:FORWARD_direct - [0:0]
:INPUT_direct - [0:0]
:OUTPUT_direct - [0:0]
-A INPUT -j INPUT_direct
-A FORWARD -j FORWARD_direct
-A OUTPUT -j OUTPUT_direct
COMMIT
# Completed on Sun Dec 14 22:43:19 2014
# Generated by iptables-save v1.4.21 on Sun Dec 14 22:43:19 2014
*raw
:PREROUTING ACCEPT [20969:3126527]
:OUTPUT ACCEPT [1985:262558]
:OUTPUT_direct - [0:0]
:PREROUTING_direct - [0:0]
-A PREROUTING -j PREROUTING_direct
-A OUTPUT -j OUTPUT_direct
COMMIT
# Completed on Sun Dec 14 22:43:19 2014
# Generated by iptables-save v1.4.21 on Sun Dec 14 22:43:19 2014
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [3:132]
:FORWARD_IN_ZONES - [0:0]
:FORWARD_IN_ZONES_SOURCE - [0:0]
:FORWARD_OUT_ZONES - [0:0]
:FORWARD_OUT_ZONES_SOURCE - [0:0]
:FORWARD_direct - [0:0]
:FWDI_public - [0:0]
:FWDI_public_allow - [0:0]
:FWDI_public_deny - [0:0]
:FWDI_public_log - [0:0]
:FWDO_public - [0:0]
:FWDO_public_allow - [0:0]
:FWDO_public_deny - [0:0]
:FWDO_public_log - [0:0]
:INPUT_ZONES - [0:0]
:INPUT_ZONES_SOURCE - [0:0]
:INPUT_direct - [0:0]
:IN_public - [0:0]
:IN_public_allow - [0:0]
:IN_public_deny - [0:0]
:IN_public_log - [0:0]
:OUTPUT_direct - [0:0]
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -j INPUT_direct
-A INPUT -j INPUT_ZONES_SOURCE
-A INPUT -j INPUT_ZONES
-A INPUT -p icmp -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i lo -j ACCEPT
-A FORWARD -j FORWARD_direct
-A FORWARD -j FORWARD_IN_ZONES_SOURCE
-A FORWARD -j FORWARD_IN_ZONES
-A FORWARD -j FORWARD_OUT_ZONES_SOURCE
-A FORWARD -j FORWARD_OUT_ZONES
-A FORWARD -p icmp -j ACCEPT
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A OUTPUT -j OUTPUT_direct
-A FORWARD_IN_ZONES -i enp3s0 -g FWDI_public
-A FORWARD_IN_ZONES -g FWDI_public
-A FORWARD_OUT_ZONES -o enp3s0 -g FWDO_public
-A FORWARD_OUT_ZONES -g FWDO_public
-A FWDI_public -j FWDI_public_log
-A FWDI_public -j FWDI_public_deny
-A FWDI_public -j FWDI_public_allow
-A FWDO_public -j FWDO_public_log
-A FWDO_public -j FWDO_public_deny
-A FWDO_public -j FWDO_public_allow
-A INPUT_ZONES -i enp3s0 -g IN_public
-A INPUT_ZONES -g IN_public
-A IN_public -j IN_public_log
-A IN_public -j IN_public_deny
-A IN_public -j IN_public_allow
-A IN_public_allow -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
-A IN_public_allow -p tcp -m tcp --dport 80 -m conntrack --ctstate NEW -j ACCEPT //只是添加了这以行就行
COMMIT
# Completed on Sun Dec 14 22:43:19 2014
完了之后要重启iptables服务!
- centos7 配置iptables 开放80端口
- centos 7 配置iptables开放80端口
- iptables 开放80端口
- CentOS7使用iptables防火墙开放端口
- 【阿里云配置端口开放】使用 iptables
- centos7防火墙开放80端口
- Iptables开放22,53,80端口
- CentOS中iptables开放80端口
- CENTOS iptables 开放端口
- iptables开放端口
- Centos7 开放端口
- Centos7开放端口
- Centos7 开放端口
- Centos7 开放端口
- Centos7 开放端口
- centos7 开放tcp端口
- centos7开放端口
- Centos7 防火墙开放端口
- Hive之分区(Partitions)和桶(Buckets)
- How to Execute a Command in C# ?
- Source Insight经典教程
- 写在前面
- JAVA面试小题
- centos7 配置iptables 开放80端口
- 复数加减法
- java ant用法详解
- 【 状压DP】 [UVA10817] Headmaster's Headache
- 关于oracle自增长序列和mybatis的使用问题
- Java类静态属性、静态块、非静态属性、非静态块、构造函数在初始化时的执行顺序
- 使用Git来部署一个Web站点笔记
- C++4 函数
- Netty高性能之道