ftp默认端口是21 ssh默认端口是22 MySQL默认端口是3306 web默认是80 这些端口都是默认开放的;
执行某些特定任务时,会需要改变端口,在防火墙上开放一个新的端口让数据通过;
linux 服务器上 我用的最多的是Centos版本,刚刚查了些资料在国外服务器上测试了下开放了个3308端口;
CentOS 防火墙开启80/22端口
vi /etc/sysconfig/iptables
-A INPUT -m state −–state NEW -m tcp -p tcp −–dport 80 -j ACCEPT(允许80端口通过防火墙)
-A INPUT -m state −–state NEW -m tcp -p tcp −–dport 3306 -j ACCEPT(允许3306端口通过防火墙)
特别提示:很多网友把这两条规则添加到防火墙配置的最后一行,导致防火墙启动失败,正确的应该是添加到默认的22端口这条规则的下面
/etc/init.d/iptables status
查看防火墙信息,确认22 80端口是否被打开
/etc/rc.d/init.d/iptables save
保存防火墙操作规则
service iptables restart
防火墙重启重新加载,执行新的端口规则;
------------------额外附加命令--------------------------
关闭防火墙服务
/etc/init.d/iptables stop
永久关闭防火墙
chkconfig –level 35 iptables off
附上操作日志:
[root@default ~]# /sbin/iptables -I INPUT -p tcp --dport 3308 -j ACCEPT
[root@default ~]# /etc/init.d/iptables status
Table: raw
Chain PREROUTING (policy ACCEPT)
num target prot opt source destination
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
Table: nat
Chain PREROUTING (policy ACCEPT)
num target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
num target prot opt source destination
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
Table: mangle
Chain PREROUTING (policy ACCEPT)
num target prot opt source destination
Chain INPUT (policy ACCEPT)
num target prot opt source destination
Chain FORWARD (policy ACCEPT)
num target prot opt source destination
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
num target prot opt source destination
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:3308
Chain FORWARD (policy ACCEPT)
num target prot opt source destination
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
[root@default ~]# /etc/rc.d/init.d/iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
[root@default ~]# service iptables restart
iptables: Setting chains to policy ACCEPT: raw nat mangle f[ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: [ OK ]
iptables: Applying firewall rules: [ OK ]
[root@default ~]#
Comments NOTHING