CentOS 7 默认的防火墙不是 iptables,而是 firewalld。
禁用/停止自带的firewalld服务
# Stop the running firewalld service.
# NOTE(review): once firewalld is stopped the host presumably has no packet
# filter until the iptables service is started further down; work from a
# console or a trusted network and complete the remaining steps promptly.
systemctl stop firewalld
# Mask firewalld so it cannot be started again, by hand or as a dependency
# (stronger than "disable": the unit is linked to /dev/null).
systemctl mask firewalld
安装 iptables
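# Check whether the iptables packages are already installed.
# rpm -q queries the package database; "service iptables status" only reports
# the state of the service and fails whenever iptables-services is missing,
# so it does not answer the question this step asks.
rpm -q iptables iptables-services
# Install the iptables userspace tools.
yum install -y iptables
# Install iptables-services, which provides the iptables systemd unit.
# -y is used here as well so both installs behave the same way.
yum install -y iptables-services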
创建iptables文件
进入 /etc/sysconfig 目录,执行 vi iptables,在文件中添加以下规则
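# Generated by iptables-save v1.4.21 on Sat Apr 25 00:39:38 2020
# IPv4 only: IPv6 traffic is not filtered by this file; it needs its own rules
# in /etc/sysconfig/ip6tables, loaded by ip6tables.service.
*filter
# Default-deny for inbound and forwarded traffic; outbound is unrestricted.
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [2:224]
# Loopback traffic is always allowed.
-A INPUT -i lo -j ACCEPT
# Packets of connections that are already tracked, plus RELATED packets such
# as ICMP errors (e.g. fragmentation-needed). With ESTABLISHED alone those
# errors hit the DROP policy and path-MTU discovery can stall.
# Placed early because most inbound packets match this rule.
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
# SSH, open to any source. Where possible limit it to the admin network by
# adding "-s <ADMIN_CIDR>" (placeholder) to this rule.
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
# HTTP and HTTPS, open to any source.
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
# ICMP echo-request (ping).
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
COMMIT
# Completed on Sat Apr 25 00:39:38 2020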
保存上述规则
开启iptables服务
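# Validate the rules file first: --test parses it without committing anything,
# so a typo is caught before the service is started.
iptables-restore --test < /etc/sysconfig/iptables
# Enable the iptables service at boot
# (equivalent to the old "chkconfig iptables on").
systemctl enable iptables.service
# Start the service, which loads /etc/sysconfig/iptables.
# NOTE: the INPUT policy is DROP; if you are connected over SSH, confirm that
# sshd listens on the port allowed in the rules (22) before starting.
systemctl start iptables.service
# Check that the service started successfully.
systemctl status iptables.service
# List the rules actually loaded in the kernel and compare them with the file.
iptables -S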
重启防火墙使配置生效
# Restart the service so that later edits to /etc/sysconfig/iptables are loaded.
systemctl restart iptables.service