아마도 이런 스크립트가 누군가에게 도움이 되었습니까?
방화벽을 제거하고 INPUT 테이블의 현재 규칙을 플러시하므로 현재 구성된 모든 항목을 잃게됩니다 .
yum remove firewalld && yum install iptables-services
iptables --flush INPUT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT # Any packages related to an existing connection are OK
iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT # ssh is OK
iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 3000 -j ACCEPT # Port 3000 for IPv4 is OK
iptables -A INPUT -j REJECT # any other traffic is not welcome - this should be the last line
service iptables save # Save IPv4 IPTABLES rules van memory naar disk
systemctl enable iptables # To make sure the IPv4 rules are reloaded at system startup
IPv6 트래픽에 의해 시스템이 (현재 또는 나중에) 도달 할 수있는 경우에 동일하게 원하는 것 같습니다.
ip6tables --flush INPUT
ip6tables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT # Any packages related to an existing connection are OK
ip6tables -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT # ssh is OK
ip6tables -A INPUT -m state --state NEW -m tcp -p tcp --dport 3000 -j ACCEPT # Port 3000 for IPv6 is OK
ip6tables -A INPUT -j REJECT # any other traffic is not welcome - this should be the last line
service ip6tables save # Save IPv6 IPTABLES rules van memory naar disk
systemctl enable ip6tables # To make sure the IPv6 rules are reloaded at system startup