centos6.5虚拟机安装后,没有iptables配置文件
openstack环境里安装centos6.5系统的虚拟机,安装好后,发现没有/etc/syscofig/iptables防火墙配置文件。解决办法如下:
# iptables -P OUTPUT ACCEPT
# /etc/init.d/iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:
这样,/etc/sysconfig/iptables配置文件就有了
# cat /etc/sysconfig/iptables
# Generated by iptables-save v1.4.7 on Wed Aug 31 01:14:57 2016
*filter
:INPUT ACCEPT
:FORWARD ACCEPT
:OUTPUT ACCEPT
COMMIT
# Completed on Wed Aug 31 01:14:57 2016
再补充点其他内容配置:
# cat /etc/sysconfig/iptables
# Generated by iptables-save v1.4.7 on Wed Aug 31 01:14:57 2016
*filter
:INPUT ACCEPT
:FORWARD ACCEPT
:OUTPUT ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -s 192.168.1.0/24 -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Wed Aug 31 01:14:57 2016
# /etc/init.d/iptables restart
iptables: Setting chains to policy ACCEPT: filter
iptables: Flushing firewall rules:
iptables: Unloading modules:
iptables: Applying firewall rules:
#
页:
[1]