安装iptables
# Installs the package that provides the iptables systemd service used below.
yum install iptables-services
编写允许访问的策略
# Edit the rules file read by the iptables service; the ruleset to put in it follows.
vim /etc/sysconfig/iptables
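# sample configuration for iptables service
# you can edit this manually or use system-config-firewall
# please do not ask us to add additional ports/services to this default configuration
#
# Scope: these rules filter IPv4 only. IPv6 traffic is handled by ip6tables
# and needs its own ruleset if the host has IPv6 addresses.
*filter
# Inbound is default-deny: anything not accepted below is dropped silently.
:INPUT DROP [0:0]
# NOTE(review): FORWARD stays at ACCEPT and there are no FORWARD rules, so if
# IP forwarding is enabled on this host every routed packet is allowed. Set it
# to DROP unless the host is meant to route - confirm before changing.
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Replies for connections that are already tracked. Placed first so that
# established traffic matches on the first rule; every rule in this chain is
# ACCEPT, so the order does not change which packets get in.
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
# Loopback traffic.
-A INPUT -i lo -j ACCEPT
# All ICMP types are accepted.
-A INPUT -p icmp -j ACCEPT
# SSH (22) and 8080 are reachable from any source address (0.0.0.0/0).
# Replace the source with a management CIDR where possible, as is done for
# port 8001 below.
-A INPUT -s 0.0.0.0/0 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 0.0.0.0/0 -p tcp -m tcp --dport 8080 -j ACCEPT
# Port 8001 is limited to the 10.10.11.0/24 subnet.
-A INPUT -s 10.10.11.0/24 -p tcp -m tcp --dport 8001 -j ACCEPT
# Redundant while the OUTPUT policy is ACCEPT; kept so loopback keeps working
# if that policy is tightened later.
-A OUTPUT -o lo -j ACCEPT
COMMIT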
禁止firewalld开机启动
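# The unit is named firewalld.service; with "firewall.service" the disable
# fails and firewalld stays enabled at boot alongside the iptables service.
systemctl disable firewalld.service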
启动
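# Enable at boot as well as starting now: once firewalld is disabled, a reboot
# would otherwise bring the host up with no packet filter loaded.
systemctl enable iptables
systemctl start iptables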
更多:
https://www.cnblogs.com/chinaifae/p/9993283.html
重启
# Restart after editing /etc/sysconfig/iptables so the saved rules are loaded again.
systemctl restart iptables
停止
# NOTE(review): stopping the service presumably unloads the ruleset and leaves
# inbound traffic unfiltered until it is started again - check with
# `iptables -S` afterwards.
systemctl stop iptables
查看状态
# Shows the unit state; `iptables -S` lists the rules actually loaded in the kernel.
systemctl status iptables