• Centos7 禁止firewalld并使用iptables 作默认防火墙以及忘记root密码的处理方法


    一、停止并禁用firewalld

    [root@test ~]# systemctl stop firewalld
    [root@test ~]# systemctl disable firewalld
    Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
    Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service.

    二、查看iptables 列表,并安装service 软件

    复制代码
    [root@test ~]# yum list all iptables*
    已加载插件:fastestmirror
    Loading mirror speeds from cached hostfile
     * base: mirrors.neusoft.edu.cn
     * extras: mirrors.tuna.tsinghua.edu.cn
     * updates: mirrors.sina.cn
    已安装的软件包
    iptables.x86_64                                   1.4.21-16.el7                           @base
    可安装的软件包
    iptables.i686                                     1.4.21-16.el7                           base 
    iptables-devel.i686                               1.4.21-16.el7                           base 
    iptables-devel.x86_64                             1.4.21-16.el7                           base 
    iptables-services.x86_64                          1.4.21-16.el7                           base 
    iptables-utils.x86_64                             1.4.21-16.el7                           base 
    复制代码

    安装service

    [root@test ~]# yum install iptables-services -y

    三、启动iptables服务,并检查状态

    复制代码
    [root@test ~]# systemctl start iptables
    [root@test ~]# systemctl status iptables
    ● iptables.service - IPv4 firewall with iptables
       Loaded: loaded (/usr/lib/systemd/system/iptables.service; disabled; vendor preset: disabled)
       Active: active (exited) since 五 2016-08-05 07:54:57 CST; 9s ago
      Process: 8164 ExecStart=/usr/libexec/iptables/iptables.init start (code=exited, status=0/SUCCESS)
     Main PID: 8164 (code=exited, status=0/SUCCESS)
    
    8月 05 07:54:56 test systemd[1]: Starting IPv4 firewall with iptables...
    8月 05 07:54:57 test iptables.init[8164]: iptables: Applying firewall rules: [  OK  ]
    8月 05 07:54:57 test systemd[1]: Started IPv4 firewall with iptables.
    复制代码

    四、加入开机自启动

    [root@test ~]# systemctl enable iptables
    Created symlink from /etc/systemd/system/basic.target.wants/iptables.service to /usr/lib/systemd/system/iptables.service.

    另:systemctl命令相关

    如何激活服务并在启动时启用或禁用服务(即系统启动时自动启动服务

    # systemctl enable httpd.service

    # systemctl disable httpd.service

    如何屏蔽(让它不能启动)或显示服务(如 httpd.service)

    # systemctl mask httpd.service

    ln -s '/dev/null' '/etc/systemd/system/httpd.service'

    # systemctl unmask httpd.service

    rm '/etc/systemd/system/httpd.service

    列出所有服务(包括启用的和禁用的):

    # systemctl list-unit-files --type=service
    UNIT FILE STATE
    arp-ethers.service disabled
    auditd.service enabled
    autovt@.service disabled
    blk-availability.service disabled
    brandbot.service static
    console-getty.service disabled
    console-shell.service disabled
    container-getty@.service static
    ...

    分析启动时各个进程花费的时间:

    # systemd-analyze blame
    8.565s mariadb.service
    7.991s webmin.service
    6.095s postfix.service
    4.311s httpd.service
    3.926s firewalld.service
    3.780s kdump.service
    3.238s tuned.service
    1.712s network.service
    1.394s lvm2-monitor.service
    1.126s systemd-logind.service
    ....

    更多参考:https://linux.cn/article-5926-1.html 

     ------------------------------------------------------------------------------------------

    忘记root密码时:

    1 - 在启动grub菜单,选择编辑选项启动
    2 - 按键盘e键,来进入编辑界面
    3 - 找到Linux 16的那一行,将ro改为rw init=/sysroot/bin/sh
    4 - 现在按下 Control+x ,使用单用户模式启动

  • 相关阅读:
    pthread_rwlock_rdlock和“No such file or directory”
    Thrift线程和状态机分析
    Haodoop RPC解析
    Thrift结构分析及增加取客户端IP功能实现
    StarUML 5.0问题解决:Failed to open the model file. Invalid file format.
    检测Linux系统是否支持某系统调用
    eclipse的thrift插件
    常见gcc编译问题解决方法集
    Thrift编译错误('::malloc' has not been declared)
    安装Android SDK Manager的“Failed to fetch refused”问题解决方法
  • 原文地址:https://www.cnblogs.com/wjoyxt/p/5992975.html
Copyright © 2020-2023  润新知