Category Archives: Firewall

A warning in the firewalld status output is truncated; try adding -l to see the full message

A warning appears when checking the firewalld status, but it is cut off. Try adding -l to see the full message.

    systemctl status firewalld.service

This returns the following:

    May 15 21:35:10 iZj6chcc2jvdlwsb68u7dzZ firewalld[639]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w10 -t filter -X DOCKER-ISOLATION-STAGE-1' failed: iptables: No…that name
    May 15 21:35:10 iZj6chcc2jvdlwsb68u7dzZ firewalld[639]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w10 -w --table filter --delete INPUT --in-interface virbr0 --pr…t chain?)
    May 15 21:35:10 iZj6chcc2jvdlwsb68u7dzZ firewalld[639]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w10 -t filter -F DOCKER-ISOLATION-STAGE-2' failed: […]

Fixing the docker error "WARNING: AllowZoneDrifting is enabled"

Running

    systemctl status firewalld.service

shows the following warning:

    WARNING: AllowZoneDrifting is enabled. This is considered an insecure configuration option. It will be removed in a future release.

Fix:

    vi /etc/firewalld/firewalld.conf

Search for AllowZoneDrifting and change its value from yes to no, then restart the service:

    systemctl restart firewalld

When fail2ban starts at boot, firewalld cannot start at boot

Running

    systemctl restart firewalld.service

produces the following error:

    Failed to restart firewalld.service: Transaction contains conflicting jobs 'restart' and 'stop' for fail2ban.service. Probably contradicting requirement

The service can be restarted with either of the following methods.

Method 1:

    systemctl stop fail2ban.service
    systemctl restart firewalld.service
    systemctl start fail2ban.service

Method 2:

    systemctl stop firewalld.service
    systemctl start firewalld.service

Finally, make it start at boot as follows:

    chmod +x /etc/rc.d/rc.local       # make it executable
    vi /etc/rc.d/rc.local

Append at the end of the file:

    systemctl stop […]

firewalld port forwarding example

Hangzhou server: 121.196.179.9 8080 -> home computer: 172.26.115.151 80

1. Configuration on the Hangzhou server: 121.196.179.9 8080

1-1. Enable IP forwarding in the kernel parameter file sysctl.conf

    vi /etc/sysctl.conf

Add this line if it is not already present:

    net.ipv4.ip_forward = 1

Apply the setting:

    sysctl -p

1-2. Open port 8080 in the firewall

    firewall-cmd --permanent --add-port=8080/tcp     # open the port
    firewall-cmd --reload […]

7 Using the firewall on CentOS 7 in detail [Intermediate]

    https://www.cnblogs.com/yang-dan/p/12090773.html

1. Open ports 8081/tcp, 8082/tcp and 8083/tcp in firewalld [in one line]

    firewall-cmd --permanent --zone=public --add-port={8081/tcp,8082/tcp,8083/tcp}

2. Allow the http and https services in firewalld [in one line]

    firewall-cmd --permanent --zone=public --add-service={http,https}

3. Custom service name -> ports for the service: 8081 8082 8083 -> API service

    cd /usr/lib/firewalld/services/
    cp http.xml api.xml
    vi api.xml

    <?xml version="1.0" encoding="utf-8"?>
    <service>
      <short>API (HTTP)</short>
      <port protocol="tcp" port="8081"/>
      <port protocol="tcp" port="8082"/>
      <port protocol="tcp" port="8083"/>
    </service>

    firewall-cmd --reload […]

Using the firewall on CentOS 7 in detail [Advanced]

    https://www.cnblogs.com/duanxin1/p/9860913.html
    https://blog.csdn.net/qq_26227841/article/details/88540775

1. Enable IP forwarding

    vi /etc/sysctl.conf

Add this line if it is not already present:

    net.ipv4.ip_forward = 1

Apply the setting:

    sysctl -p

2. Forwarding on the same IP to a different port

192.168.122.52 port 4443 is forwarded to 192.168.122.52 port 22

Port forwarding: port 4443 -> port 22 [https://www.cnblogs.com/duanxin1/p/9860913.html]

2-1. Enable IP forwarding

    vi /etc/sysctl.conf

    net.ipv4.ip_forward = […]

6 Using the firewall on CentOS 7 in detail

    https://www.cnblogs.com/zqifa/p/linux-firewall-1.html

1-1. Check whether firewalld is installed

    rpm -qa | grep firewalld

1-2. Check whether firewalld-filesystem is installed

    rpm -qa | grep firewalld-filesystem

1-3. Check whether firewall-config (the graphical interface) is installed

    rpm -qa | grep firewall-config

2-1. Install firewalld

    yum install -y firewalld

2-2. Install firewalld-filesystem

    yum install -y firewalld-filesystem

2-3. Install firewall-config

    yum install -y firewall-config

3-1. Check the status of the firewalld service

    systemctl status firewalld.service

3-2. Start the firewalld service

    systemctl start firewalld.service

3-3. Stop the firewalld service […]