1、關(guān)閉firewall：

systemctl stop firewalld.service #停止firewall

systemctl disable firewalld.service #禁止firewall開機(jī)啟動

firewall-cmd --state #查看默認(rèn)防火墻狀態(tài)（關(guān)閉后顯示notrunning，開啟后顯示running）

systemctl disable firewalld

yum remove firewalld -y

2、iptables防火墻

yum install iptables-services -y

systemctl enable iptables

vi/etc/sysconfig/iptables #編輯防火墻配置文件

# sampleconfiguration for iptables service

# you can edit thismanually or use system-config-firewall

# please do not askus to add additional ports/services to this default configuration

*filter

:INPUT ACCEPT [0:0]

:FORWARD ACCEPT[0:0]

:OUTPUT ACCEPT[0:0]

-A INPUT -m state--state RELATED,ESTABLISHED -j ACCEPT

-A INPUT -p icmp -jACCEPT

-A INPUT -i lo -jACCEPT

-A INPUT -p tcp -mstate --state NEW -m tcp --dport 22 -j ACCEPT

-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -jACCEPT

-A INPUT -p tcp -m state --state NEW -m tcp --dport 8080-j ACCEPT

-A INPUT -j REJECT--reject-with icmp-host-prohibited

-A FORWARD -jREJECT --reject-with icmp-host-prohibited

COMMIT

:wq! #保存退出

systemctl restart iptables.service #最后重啟防火墻使配置生效

systemctl enable iptables.service #設(shè)置防火墻開機(jī)啟動