添加iptables规则

# 单个端口
iptables -A INPUT -p tcp --dport 22 -j ACCEPT

# 多个端口
iptables -A INPUT -p tcp -m multiport --dports 6443,8443,2379,2380,10250 -j ACCEPT

删除iptables规则

# 显示iptables规则行号
iptables -nL --line-numbers

# 删除某行规则
iptables -D INPUT 11

持久化iptables(重启仍生效)

持久化iptables规则,添加规则到文件中/etc/sysconfig/iptables

# vi /etc/sysconfig/iptables

-A INPUT -p vrrp -j ACCEPT
-A OUTPUT -p vrrp -j ACCEPT

或者

apt-get install iptables-persistent

netfilter-persistent save
netfilter-persistent reload

# 生成的规则存储在以下文件
/etc/iptables/rules.v4
/etc/iptables/rules.v6
Copyright © www.huweihuang.com 2017-2018 all right reserved,powered by GitbookUpdated at 2024-07-04 10:17:35

results matching ""

    No results matching ""