linux在防火牆上開啟1521埠
1、在/etc/sysconfig/iptables中新增-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 1521 -j ACCEPT
[root@vaxph97 ~]# vi /etc/sysconfig/iptables
-A RH-Firewall-1-INPUT -m state –-state NEW -m tcp -p tcp -–dport 1521 -j ACCEPT
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 1521 -j ACCEPT
COMMIT
~
2、儲存後重啟防火牆
service iptables restart
3、檢視
[root@vaxph97 ~]# iptables -nL
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain RH-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 255
ACCEPT esp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT ah -- 0.0.0.0/0 0.0.0.0/0
ACCEPT udp -- 0.0.0.0/0 224.0.0.251 udp dpt:5353
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:631
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:631
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:1521
也可以使用telnet 127.0.0.1 1521測試是否開啟
[root@vaxph97 ~]# vi /etc/sysconfig/iptables
-A RH-Firewall-1-INPUT -m state –-state NEW -m tcp -p tcp -–dport 1521 -j ACCEPT
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 1521 -j ACCEPT
COMMIT
~
2、儲存後重啟防火牆
service iptables restart
3、檢視
[root@vaxph97 ~]# iptables -nL
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain RH-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 255
ACCEPT esp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT ah -- 0.0.0.0/0 0.0.0.0/0
ACCEPT udp -- 0.0.0.0/0 224.0.0.251 udp dpt:5353
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:631
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:631
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:1521
也可以使用telnet 127.0.0.1 1521測試是否開啟
來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/29802484/viewspace-1400041/,如需轉載,請註明出處,否則將追究法律責任。
相關文章
- centos 開啟防火牆指定埠CentOS防火牆
- 在防火牆上開發Oracle埠的問題防火牆Oracle
- linux下修改防火牆,開啟8080埠Linux防火牆
- Linux下防火牆開啟相關埠及檢視已開啟埠Linux防火牆
- 防火牆埠(上)(轉載)防火牆
- 開啟、關閉防火牆或者開放埠防火牆
- CentOS開啟防火牆及開放指定埠CentOS防火牆
- Linux 防火牆開放特定埠 (iptables)Linux防火牆
- Centos7 開啟80埠防火牆命令CentOS防火牆
- linux 防火牆埠號開發情況Linux防火牆
- Linux 7新增防火牆埠Linux防火牆
- Windows上Oracle開放防火牆埠問題(轉)WindowsOracle防火牆
- ubuntu下開啟/關閉防火牆 及埠 - 命令Ubuntu防火牆
- CentOS 7 開放防火牆埠CentOS防火牆
- CentOS下開放防火牆埠CentOS防火牆
- linux關閉防火牆命令 linux防火牆關閉和開啟命令Linux防火牆
- Centos7 防火牆(firewall)開埠CentOS防火牆
- CentOS7使用firewalld開啟關閉防火牆與埠CentOS防火牆
- Linux下關閉和開啟防火牆Linux防火牆
- linux 如何檢視防火牆是否開啟Linux防火牆
- Linux防火牆的關閉和開啟Linux防火牆
- datagard 可以只開啟1521埠麼?
- Linux系統下如何在防火牆開放指定埠Linux防火牆
- 防火牆在RAC上的配置防火牆
- ORACLE RAC開啟防火牆Oracle防火牆
- 如何在 Alpine Linux 上啟用或禁用防火牆?Linux防火牆
- ORA-12170 Windows上Oracle開放防火牆埠問題WindowsOracle防火牆
- Centos 7防火牆firewalld開放80埠CentOS防火牆
- 在linux上用arptables配置arp防火牆Linux防火牆
- Linux防火牆的關閉、開啟和配置Linux防火牆
- 防火牆埠(下)(轉載)防火牆
- 防火牆埠(中)(轉載)防火牆
- 分享:有關Linux伺服器(在防火牆iptables)開放埠的操作總結Linux伺服器防火牆
- pfSense——跑在 Vmware 上的防火牆防火牆
- Windows server 防火牆開放oracle監聽埠WindowsServer防火牆Oracle
- Linux開啟防火牆並設定策略指令碼Linux防火牆指令碼
- CentOS8檢視防火牆狀態,開啟/關閉防火牆CentOS防火牆
- linux系統檢視防火牆是否開啟並清除防火牆規則的方法步驟Linux防火牆