Home >Operation and Maintenance >CentOS >How to solve the problem that centos firewall cannot be started
How to solve the problem that centos firewall cannot be started?
CentOS firewall cannot be started, and online servers need to enable the firewall service. This is the most direct and effective way to protect Linux system security.
1. If
service iptables start service iptables restart
cannot start/restart the firewall.
2. The best way is to modify the configuration file
vi /etc/sysconfig/iptables [plain] view plaincopy # Firewall configuration written by system-config-firewall # Manual customization of this file is not recommended. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT
and then start the firewall
service iptables start
Check the firewall service
service iptables status
3. If you need to enable exceptions Port, add the following configuration:
vi /etc/sysconfig/iptables [plain] view plaincopy # Firewall configuration written by system-config-firewall # Manual customization of this file is not recommended. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT
As above, add the 3306 service port
If you need to turn off the firewall automatic startup, then
Check the status
chkconfig --list iptables
Close Automatic start
chkconfig iptables off
View status
chkconfig --list iptables
Related reference:centOS tutorial
The above is the detailed content of How to solve the problem that centos firewall cannot be started. For more information, please follow other related articles on the PHP Chinese website!