Last update at :2024-07-07,Edit by888u
In Linux systems, firewall iptables is generally used to control port access. Applicable to centos, debian and other systems.
There are 2 methods in total, just choose one of the following.
All operate under SSH.
1. Command mode:
Allow external network access to port 3306
/sbin/iptables -I INPUT -p tcp --dport 3306 -j ACCEPT #Open port 3306Close external network access port 3306
/sbin/iptables -A INPUT -p tcp --dport 3306 -j DROP #Close the portSave and restart the service
/etc/rc.d/init.d/iptables save #Save configuration /etc/rc.d/init.d/iptables restart #Restart the service netstat -anp|grep 3306 #Check whether the port is open2. Edit the iptables file and add a line below the 22 port location
vi /etc/sysconfig/iptablesAfter adding it, it will look like this:
##################################### # Firewall configuration written by system-config-firewall # Manual customization of this file is not recommended. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state –state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -m state –state NEW -m tcp -p tcp –dport 22 -j ACCEPT -A INPUT -m state –state NEW -m tcp -p tcp –dport 3306 -j ACCEPT -A INPUT -j REJECT –reject-with icmp-host-prohibited -A FORWARD -j REJECT –reject-with icmp-host-prohibited COMMITFinally restart the firewall to make the configuration take effect
/etc/init.d/iptables restartRecommended site search: registered domain name query, vps host, cpanel host, online store virtual host, US server defense, online IP check, domain name space, Hong Kong host, host server rental, free virtual host,
发表评论