编辑iptables防火墙，让80端口不工作 [英] Edit IPTables firewall to enable port 80 doesnt work

问题描述

我已经配置我的/ etc / sysconfig中/ iptables文件接受端口80（非手工，但根据教程文件编辑得到正确的方式）。该文件看起来像：

I have configured my /etc/sysconfig/iptables file to accept port 80 (not manually, but the file got edited the correct way according to tutorials). The file looks like:

sy# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 5353 -d 224.0.0.251 -j ACCE$
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

根据我的教程（以及其他TUTS）行告诉端口80 -j ACCEPT应该做的伎俩，让80端口，但是禁用我的防火墙后才它的实际工作（危险..）。

According to my tutorial (and other tuts) the line telling port 80 -j ACCEPT should do the trick to enable port 80, but only after disabling my firewall it actually works (danger..).

我能做些什么来进一步编辑我的防火墙接受80端口？我只有通过SSH访问。

What can i do to edit my firewall further to accept port 80? I only have access through SSH.

-

我已经加入

-A INPUT -i eth0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -o eth0 -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT

我的表中删除

-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT

但没有做的伎俩。

but that did not do the trick.

推荐答案

我发现我的IPTables设置无关与firewalld。它完全忽略了（废话.. iptables的是另一种应用程序，使用不同的配置文件比firewalld）。

I found out that my IPTables settings had nothing to do with firewalld. It was completely ignored (duh.. iptables is another app, using different config files than firewalld).

我已经firewalld删除，并取得了iptables的默认防火墙。

I have removed firewalld, and made iptables the default firewall.

删除firewalld

Remove firewalld

安装（如果尚未安装）的iptables

install (if not installed already) iptables

修改的/ etc / sysconfig中/ iptables的

添加

-A INPUT -m状态--state NEW -m -p tcp的TCP --dport 80 -j ACCEPT ​​

执行以下命令（Fedora的，最有可能的所有红帽发行的）：

execute the following command (fedora, most likely all redhat distro's):

# service iptables save

或执行以下命令（Debian的，Ubuntu的，最有可能所有的Debian发行版的）

or execute the following command (debian, ubuntu, most likely all debian distro's)

# /etc/init.d/iptables save

这篇关于编辑iptables防火墙，让80端口不工作的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！