[root@iZ28b8ytwvkZ ~]# yum install iptables #安装防火墙
[root@iZ28b8ytwvkZ ~]#rm -rf /etc/sysconfig/iptables #删除防火墙规则
[root@localhost ~]# vi /etc/sysconfig/iptables #编辑防火墙规则
[root@localhost ~]# service iptables stop #关闭防火墙
[root@localhost ~]# service iptables start #开启防火墙
[root@localhost ~]# service iptables restart #重启防火墙
编辑防火墙:
[root@localhost ~]#vi /etc/sysconfig/iptables #编辑防火墙规则
------------开始------------------------------------------------
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp -s 58.56.89.221 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp -s 124.128.23.78 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp -s 10.162.203.174 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp -s 10.171.30.167 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp -s 10.171.30.230 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp -s 10.162.210.21 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp -s 10.171.30.146 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
~
-----------结束-------------------------------------------------------------
[root@localhost ~]# chkconfig iptables off #永久关闭防火墙
[root@localhost ~]#chkconfig --levels 235 iptables on && chkconfig --list iptables #启动和查看防火墙
测试
telnet 182.92.64.142 21
telnet 182.92.158.5 21
telnet 182.92.158.79 21
telnet 182.92.128.252 21
telnet 182.92.159.109 21