1 개요[ | ]How To Disable/Enable The Iptables Firewall in LinuxHow To Turn off/Turn on Linux Firewall리눅스 iptables 끄기, 켜기리눅스 OS 방화벽 비활성화/활성화 하기
service iptables stop /etc/init.d/iptables stop service iptables start /etc/init.d/iptables start 2 끄기[ | ][root@zetawiki ~]# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT icmp -- anywhere anywhere ACCEPT all -- anywhere anywhere ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh REJECT all -- anywhere anywhere reject-with icmp-host-prohibited Chain FORWARD (policy ACCEPT) target prot opt source destination REJECT all -- anywhere anywhere reject-with icmp-host-prohibited Chain OUTPUT (policy ACCEPT) target prot opt source destination [root@zetawiki ~]# service iptables stop iptables: Setting chains to policy ACCEPT: filter [ OK ] iptables: Flushing firewall rules: [ OK ] iptables: Unloading modules: [ OK ] [root@zetawiki ~]# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination 3 켜기[ | ][root@zetawiki ~]# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination [root@zetawiki ~]# service iptables start iptables: Applying firewall rules: [ OK ] [root@zetawiki ~]# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT icmp -- anywhere anywhere ACCEPT all -- anywhere anywhere ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh REJECT all -- anywhere anywhere reject-with icmp-host-prohibited Chain FORWARD (policy ACCEPT) target prot opt source destination REJECT all -- anywhere anywhere reject-with icmp-host-prohibited Chain OUTPUT (policy ACCEPT) target prot opt source destination 4 같이 보기[ | ]
5 참고[ | ]
[root@ThunderMail ~]# iptables -L Chain FORWARD (policy ACCEPT) Chain OUTPUT (policy ACCEPT) 이렇게 나오면 방화벽 정책이 깔끔하게 작동하지 않는 것입니다. ------------------------------------------------------------------------------------------------------------- [root@~]# iptables -L Chain FORWARD (policy ACCEPT) Chain OUTPUT (policy ACCEPT) 이건 방화벽이 동작하고 있을때의 모습입니다. [root@ThunderMail ~]# cat
/etc/sysconfig/iptables # SSH Connection # ThunderMail Service -A INPUT -j REJECT --reject-with icmp-host-prohibited 위 설정파일에서 방화벽 정책을 수정하고 #service iptables restart 요렇게 하면 실적용됩니다. |