在CentOS上开放港口问题

时间:2017-04-07 14:04:53

标签: centos

我正在使用CentOS 6机器。我试图遵循以下指南:

如果我在目标机器上运行nmap ipofmachine,我会得到这个奇怪的结果。

Host is up (0.0079s latency).
Not shown: 996 filtered ports
PORT     STATE  SERVICE
22/tcp   open   ssh
80/tcp   closed http
443/tcp  closed https
8080/tcp closed http-proxy

但是,当我运行sudo iptables -L时,我有以下输出:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:webcache 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:webcache 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http 
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED 
ACCEPT     icmp --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:http 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:https 
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:webcache 
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited 

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited 

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

我错过了什么吗?如果您需要更多信息,请告诉我(我正在尝试打开端口8080)。

2 个答案:

答案 0 :(得分:0)

为了允许特定端口上的连接,您必须配置CentoOS防火墙:

> sudo firewall-cmd --permanent --zone=public --add-port=8080/tcp
> sudo firewall-cmd --reload
  • 您需要使用sudo配置权限提升

答案 1 :(得分:0)

如果您使用的是IPTables,请将以下规则添加到etc / sysconfig / iptables

-A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT

然后运行以下命令保存:iptables-restore<的/ etc / SYSCONFIG / iptables的