[Linux] CentOS 7 iptables configuration

 

1. Firewalld 를 중지

[root@localhost ~]# systemctl stop firewalld 
[root@localhost ~]# systemctl mask firewalld
 

2. iptables를 설치

[root@localhost ~]# yum install iptables 
[root@localhost ~]# yum install iptables-services
 

3. iptables 설치확인
[root@localhost ~]# rpm -qa | grep iptables
iptables-1.8.4-20.el8.x86_64
iptables-ebtables-1.8.4-20.el8.x86_64
iptables-services-1.8.4-20.el8.x86_64
iptables-libs-1.8.4-20.el8.x86_64
 

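4. 재부팅 자동시작 설정 (iptables 서비스는 IPv4만 필터링한다. firewalld를 mask 한 상태에서 IPv6도 사용 중이면 ip6tables 서비스도 같은 방법으로 enable/start 해야 한다.)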
[root@localhost ~]# systemctl enable iptables
 

5. iptables 시작
[root@localhost ~]# systemctl start iptables

6. iptables 동작 상태 확인
[root@localhost ~]# systemctl status iptables
* iptables.service - IPv4 firewall with iptables
   Loaded: loaded (/usr/lib/systemd/system/iptables.service; enabled; vendor preset: disabled)
   Active: active (exited) since Thu 2021-11-25 23:45:26 EST; 2s ago
  Process: 57572 ExecStart=/usr/libexec/iptables/iptables.init start (code=exited, status=0/SUCCESS)
 Main PID: 57572 (code=exited, status=0/SUCCESS)

11월 25 23:45:26 localhost.localdomain systemd[1]: Starting IPv4 firewall with iptables...
11월 25 23:45:26 localhost.localdomain iptables.init[57572]: iptables: Applying firewall rules: [  OK  ]
11월 25 23:45:26 localhost.localdomain systemd[1]: Started IPv4 firewall with iptables.
 

#----------------------------------------------------

# iptables 설정하기


[root@localhost ~]# vi /etc/sysconfig/iptables

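# 접근 허용 포트 추가
# (포트번호 : ftp(21), ssh(22), httpd(80))
# 아래 ACCEPT 규칙은 기본 파일에 들어 있는 "-A INPUT -j REJECT ..." 줄보다 위에 넣어야 적용된다.
# FTP(21)는 계정 정보가 평문으로 전송되므로 꼭 필요한 경우에만 연다.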

-A INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT

[root@localhost ~]# systemctl restart iptables
[root@localhost ~]# systemctl restart httpd