-A INPUT -m state --state NEW -m tcp -p tcp -s dizhi --dport 6379 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
centos 7
firewall-cmd --zone=public --add-port=53/udp --permanent
firewall-cmd --zone=public --remove-port=80/tcp --permanent
firewall-cmd --zone=public --add-port=4400-4600/udp --permanent
#内核
cat /proc/version
#版本
cat /etc/redhat_release
centos7
systemctl status/start/stop firewalld
centos 6
red hat serivce iptables status/stop/start
# firewall rules
/etc/udev/rules.d/70-persistent-net.rules
1.查看已开放的端口(默认不开放任何端口)
firewall-cmd --list-ports
2.开启80端口
firewall-cmd --zone=public(作用域) --add-port=80/tcp(端口和访问类型) --permanent(永久生效)
3.重启防火墙
firewall-cmd --reload
4.停止防火墙
systemctl stop firewalld.service
5.禁止防火墙开机启动
systemctl disable firewalld.service
6.删除
firewall-cmd --zone=public --remove-port=80/tcp --permanent
7.白名单
firewall-cmd --add-rich-rule 'rule family="ipv4" source address="*" accept' --permanent
/etc/ssh/sshd_config
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
#过滤ip
vim /etc/hosts.allow
服务 services.msc