When checking the firewalld status you may see warnings that are truncated. Try adding -l to see the full messages.
    systemctl status firewalld.service
This returns the following:
    May 15 21:35:10 iZj6chcc2jvdlwsb68u7dzZ firewalld[639]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w10 -t filter -X DOCKER-ISOLATION-STAGE-1' failed: iptables: No…that name
    May 15 21:35:10 iZj6chcc2jvdlwsb68u7dzZ firewalld[639]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w10 -w --table filter --delete INPUT --in-interface virbr0 --pr…t chain?)
    May 15 21:35:10 iZj6chcc2jvdlwsb68u7dzZ firewalld[639]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w10 -t filter -F DOCKER-ISOLATION-STAGE-2' failed: […]
Category Archives: Firewall
Fixing the Docker warning "WARNING: AllowZoneDrifting is enabled"
Running the following command shows the warning below:
    systemctl status firewalld.service
Warning:
    WARNING: AllowZoneDrifting is enabled. This is considered an insecure configuration option. It will be removed in a future release.
Fix:
    vi /etc/firewalld/firewalld.conf
Search for AllowZoneDrifting and change its value from yes to no.
    systemctl restart firewalld
Once fail2ban starts automatically at boot, firewalld can no longer start automatically.
    systemctl restart firewalld.service
This produces the following error:
    Failed to restart firewalld.service: Transaction contains conflicting jobs 'restart' and 'stop' for fail2ban.service. Probably contradicting requirement
You can restart it with the following steps.
Method 1:
    systemctl stop fail2ban.service
    systemctl restart firewalld.service
    systemctl start fail2ban.service
Method 2:
    systemctl stop firewalld.service
    systemctl start firewalld.service
Finally, make it start at boot as follows:
    chmod +x /etc/rc.d/rc.local   # make it executable
    vi /etc/rc.d/rc.local
Append at the end:
    systemctl stop […]
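1) Forward ports 80 and 443 to the home server
    Enable forwarding
    Open the ports on the public server
    Forward the ports on the public server
    Open the ports in the Alibaba Cloud web console
    Open the ports on the home server
    firewall-cmd --zone=public --permanent --add-rich-rule='rule family="ipv4" forward-port port="80" protocol="tcp" to-port="80" to-addr="192.168.196.240"'
    firewall-cmd --zone=public --permanent --add-rich-rule='rule family="ipv4" forward-port port="443" protocol="tcp" to-port="443" to-addr="192.168.196.240"'
    firewall-cmd --reload
2) Forward port 3389 to the home laptop
    Enable forwarding
    Open the port on the public server
    Forward the port on the public server
    Open the port in the Alibaba Cloud web console
    Open the port on the home server
    The mainland China VPS already has all ports blocked; only the Hong Kong VPS can use these ports.
    firewall-cmd --zone=public --permanent --add-rich-rule='rule family="ipv4" forward-port port="3389" protocol="tcp" to-port="3389" to-addr="192.168.196.60"'
    firewall-cmd --reload
firewalld port forwarding example
    Hangzhou server: 121.196.179.9 8080 —> home computer: 172.26.115.151 […]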
7 Firewall usage on CentOS 7 explained [Intermediate]
    https://www.cnblogs.com/yang-dan/p/12090773.html
1. Open ports 8081/tcp, 8082/tcp, 8083/tcp in firewalld [in one command]
    firewall-cmd --zone=public --permanent --add-port={8081/tcp,8082/tcp,8083/tcp}
2. Allow the services http and https in firewalld [in one command]
    firewall-cmd --zone=public --permanent --add-service={http,https}
3. Custom service name —> ports for the service: 8081 8082 8083 —> api service
    cd /usr/lib/firewalld/services/
    cp http.xml api.xml
    vi api.xml

    <?xml version="1.0" encoding="utf-8"?>
    <service>
      <short>API (HTTP)</short>
      <port protocol="tcp" port="8081"/>
      <port protocol="tcp" port="8082"/>
      <port protocol="tcp" port="8083"/>
    </service>

    firewall-cmd --reload […]
Firewall usage on CentOS 7 explained [Advanced]
    https://www.cnblogs.com/duanxin1/p/9860913.html
    https://blog.csdn.net/qq_26227841/article/details/88540775
1. Enable IP forwarding
    vi /etc/sysctl.conf
    net.ipv4.ip_forward = 1   # add this line if it is not already present
    sysctl -p   # apply the setting
2. Forwarding on the same IP to a different port
    192.168.122.52 port 4443 forwarded to 192.168.122.52 port 22
    Port forwarding: port 4443 – forwarded to – port 22 [https://www.cnblogs.com/duanxin1/p/9860913.html]
2-1. Enable IP forwarding
    vi /etc/sysctl.conf
    net.ipv4.ip_forward = […]
6 Firewall usage on CentOS 7 explained
    https://www.cnblogs.com/zqifa/p/linux-firewall-1.html
1-1. Check whether firewalld is installed
    rpm -qa | grep firewalld
1-2. Check whether firewalld-filesystem is installed
    rpm -qa | grep firewalld-filesystem
1-3. Check whether firewall-config (the graphical interface) is installed
    rpm -qa | grep firewall-config
2-1. Install firewalld
    yum install -y firewalld
2-2. Install firewalld-filesystem
    yum install -y firewalld-filesystem
2-3. Install firewall-config
    yum install -y firewall-config
3-1. Check the status of the firewalld service
    systemctl status firewalld.service
3-2. Start the firewalld service
    systemctl start firewalld.service
3-3. Stop the firewalld service […]