linux在防火牆上開啟1521埠
1、在/etc/sysconfig/iptables中新增-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 1521 -j ACCEPT
[root@vaxph97 ~]# vi /etc/sysconfig/iptables
-A RH-Firewall-1-INPUT -m state –-state NEW -m tcp -p tcp -–dport 1521 -j ACCEPT
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 1521 -j ACCEPT
COMMIT
~
2、儲存後重啟防火牆
service iptables restart
3、檢視
[root@vaxph97 ~]# iptables -nL
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain RH-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 255
ACCEPT esp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT ah -- 0.0.0.0/0 0.0.0.0/0
ACCEPT udp -- 0.0.0.0/0 224.0.0.251 udp dpt:5353
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:631
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:631
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:1521
也可以使用telnet 127.0.0.1 1521測試是否開啟
[root@vaxph97 ~]# vi /etc/sysconfig/iptables
-A RH-Firewall-1-INPUT -m state –-state NEW -m tcp -p tcp -–dport 1521 -j ACCEPT
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 1521 -j ACCEPT
COMMIT
~
2、儲存後重啟防火牆
service iptables restart
3、檢視
[root@vaxph97 ~]# iptables -nL
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain RH-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 255
ACCEPT esp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT ah -- 0.0.0.0/0 0.0.0.0/0
ACCEPT udp -- 0.0.0.0/0 224.0.0.251 udp dpt:5353
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:631
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:631
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:1521
也可以使用telnet 127.0.0.1 1521測試是否開啟
來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/29802484/viewspace-1400041/,如需轉載,請註明出處,否則將追究法律責任。
相關文章
- linux下修改防火牆,開啟8080埠Linux防火牆
- Linux 7新增防火牆埠Linux防火牆
- linux 防火牆埠號開發情況Linux防火牆
- CentOS開啟防火牆及開放指定埠CentOS防火牆
- 開啟、關閉防火牆或者開放埠防火牆
- linux關閉防火牆命令 linux防火牆關閉和開啟命令Linux防火牆
- ubuntu下開啟/關閉防火牆 及埠 - 命令Ubuntu防火牆
- CentOS 7 開放防火牆埠CentOS防火牆
- Linux系統下如何在防火牆開放指定埠Linux防火牆
- 如何在 Alpine Linux 上啟用或禁用防火牆?Linux防火牆
- linux下mysql開啟遠端訪問許可權及防火牆開放3306埠LinuxMySql訪問許可權防火牆
- CentOS7使用firewalld開啟關閉防火牆與埠CentOS防火牆
- 分享:有關Linux伺服器(在防火牆iptables)開放埠的操作總結Linux伺服器防火牆
- 在Linux中,如何配置防火牆?Linux防火牆
- 防火牆在RAC上的配置防火牆
- Linux開啟防火牆並設定策略指令碼Linux防火牆指令碼
- 防火牆怎麼開啟防火牆
- Linux 防火牆只允許指定IP 埠訪問Linux防火牆
- linux系統檢視防火牆是否開啟並清除防火牆規則的方法步驟Linux防火牆
- pfSense——跑在 Vmware 上的防火牆防火牆
- 雲伺服器埠和防火牆埠配置伺服器防火牆
- Linux配置防火牆Linux防火牆
- Linux防火牆命令Linux防火牆
- LINUX 防火牆 firewalldLinux防火牆
- CentOS8檢視防火牆狀態,開啟/關閉防火牆CentOS防火牆
- ubuntu 開啟/關閉ubuntu防火牆Ubuntu防火牆
- centos 6.x 7.x防火牆開啟埠範圍IP地址 配置CentOS防火牆
- Ubuntu系統中防火牆的使用和開放埠Ubuntu防火牆
- 伺服器window如何設定防火牆開放埠伺服器防火牆
- 在Linux中,如何設定防火牆規則?Linux防火牆
- centsos關閉防火牆解決websocket伺服器連線不上的問題(ifconfig、防火牆、ping、ws啟動時,只用埠即可 )防火牆Web伺服器
- Linux防火牆基礎Linux防火牆
- Linux 防火牆配置使用Linux防火牆
- linux 7 防火牆操作Linux防火牆
- 修改防火牆規則,開放 Linux 的 3306 埠,外部訪問 MySQL 資料庫防火牆LinuxMySql資料庫
- 如何開啟 Mac 應用程式防火牆Mac防火牆
- Docker 埠對映防火牆規則配置Docker防火牆
- win10系統怎麼開啟arp防火牆_win10開啟arp防火牆的步驟Win10防火牆
- win10系統下如何使用防火牆開放埠Win10防火牆