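Open port problem on CentOS
Problem description:
I am using a CentOS 6 machine. I tried to follow this guide: Open port problem on CentOS
If I run nmap ipofmachine on the target machine
I get this strange result.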
Host is up (0.0079s latency).
Not shown: 996 filtered ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp closed http
443/tcp closed https
8080/tcp closed http-proxy
However, when I run sudo iptables -L
I get the following output:
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:webcache
ACCEPT tcp -- anywhere anywhere tcp dpt:webcache
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:http
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:https
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:webcache
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
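What am I missing? Let me know if you need more information (I am trying to open port 8080).
Answer
To allow connections on a specific port, the CentOS firewall must be configured: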
> sudo firewall-cmd --permanent --zone=public --add-port=8080/tcp
> sudo firewall-cmd --reload
- If you use iptables for the configuration, you need sudo for privilege elevation.
Answer
Add the following rule to /etc/sysconfig/iptables
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT
Then run the following command to save: iptables-restore </etc/sysconfig/iptables
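
iptables stops at the first matching rule, so where the line above lands relative to the catch-all REJECT shown in the question's listing decides whether it ever matches. The following is an added example, not part of the original answers: a shell check over constructed rules in /etc/sysconfig/iptables format; check_port_rule and sample_rules are hypothetical helper names.

```shell
#!/bin/sh
# check_port_rule FILE PORT  ->  prints accepted | shadowed | missing
#   accepted: a TCP ACCEPT for PORT exists and no catch-all REJECT/DROP precedes it
#   shadowed: the ACCEPT exists but sits after a catch-all REJECT/DROP (never reached)
#   missing : the INPUT chain has no TCP ACCEPT rule for PORT
# Assumption: only plain "--dport N" rules are recognised (no multiport or ranges).
# FILE may be "-" to read the rules from standard input.
check_port_rule() {
    awk -v port="$2" '
        $1 == "-A" && $2 == "INPUT" {
            n++                              # position of this rule in the chain
            accept = 0; tcp = 0; dport = 0
            for (i = 3; i < NF; i++) {
                if ($i == "-p" && $(i+1) == "tcp")       tcp = 1
                if ($i == "--dport" && $(i+1) == port)   dport = 1
                if ($i == "-j" && $(i+1) == "ACCEPT")    accept = 1
            }
            if (accept && tcp && dport && !first_accept) first_accept = n
            # A rule whose target follows the chain name directly matches everything.
            if ($3 == "-j" && ($4 == "REJECT" || $4 == "DROP") && !first_block)
                first_block = n
        }
        END {
            if (!first_accept) print "missing"
            else if (first_block && first_block < first_accept) print "shadowed"
            else print "accepted"
        }
    ' "$1"
}

# Constructed sample rules file. $1 = before | after: where the 8080 rule is
# placed relative to the catch-all REJECT line.
sample_rules() {
    rule='-A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT'
    printf '%s\n' '*filter' ':INPUT ACCEPT [0:0]' \
        '-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT' \
        '-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT'
    if [ "$1" = before ]; then printf '%s\n' "$rule"; fi
    printf '%s\n' '-A INPUT -j REJECT --reject-with icmp-host-prohibited'
    if [ "$1" = after ]; then printf '%s\n' "$rule"; fi
    printf '%s\n' 'COMMIT'
}

for where in before after; do
    printf '8080 rule %s REJECT: %s\n' "$where" \
        "$(sample_rules "$where" | check_port_rule - 8080)"
done
```

On a real host the same function can be pointed at the rules file directly, for example check_port_rule /etc/sysconfig/iptables 8080.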