#安装完服务之后,启动并设置防火墙
先查看关键服务的端口
netstat –apn
netstat –apn | grep mysql
netstat –apn | grep svn
netstat –apn | grep 8080
netstat –apn | grep 9090
……
#启动firewall服务
systemctl enable firewalld.service
systemctl start firewalld.service
#查询当前的启动项
ll /etc/rc.d/rc3.d
#放开必备的服务
firewall-cmd –permanent –add-service=network
firewall-cmd –permanent –add-service=mysql
firewall-cmd –permanent –add-service=nginx
firewall-cmd –permanent –add-service=php-fpm
firewall-cmd –permanent –add-service=mysql
firewall-cmd –permanent –add-service=SAPBOBJEnterpriseXI40
#放开服务的标准端口
firewall-cmd –zone=public –add-port=22/tcp –permanent
firewall-cmd –zone=public –add-port=58/tcp –permanent
firewall-cmd –zone=public –add-port=80/tcp –permanent
firewall-cmd –zone=public –add-port=323/tcp –permanent
firewall-cmd –zone=public –add-port=8080/tcp –permanent
firewall-cmd –zone=public –add-port=9090/tcp –permanent
firewall-cmd –zone=public –add-port=8443/tcp –permanent
firewall-cmd –zone=public –add-port=8005/tcp –permanent
firewall-cmd –zone=public –add-port=6400/tcp –permanent
firewall-cmd –zone=public –add-port=6410/tcp –permanent
firewall-cmd –zone=public –add-port=6405/tcp –permanent
firewall-cmd –zone=public –add-port=2638/tcp –permanent
firewall-cmd –zone=public –add-port=5801/tcp –permanent
firewall-cmd –zone=public –add-port=5901/tcp –permanent
firewall-cmd –zone=public –add-port=6001/tcp –permanent
firewall-cmd –zone=public –add-port=3690/tcp –permanent
firewall-cmd –zone=public –add-port=3306/tcp –permanent
firewall-cmd –reload
本文作者: GavinDong
版权属于: GavinDong博客
文章链接: https://gavindong.com/1952.html
如果使用过程中遇到问题,可 **点击此处** 交流沟通。
版权所有,转载时必须以链接形式注明作者和原始出处及本声明。
评论列表(4条)
BO胖客户端无法连接上BO服务器,原因为防火墙拦截,可以暂时关闭防火墙。
systemctl stop firewalld
@ag:由于胖客户端和服务器交互的端口似乎不固定,因此很难在服务器上做策略。
如果安装的是英文本的操作系统,记得安装中文字体,否则BO某些地方会显示乱码:
https://gavindong.com/computer/centos7-rhel7-windows-fonts.html
如果提示Error: INVALID_SERVICE: ‘nginx’ not among existing services,可忽略,开启端口也可以。
具体请看:
The firewalld does not use the information from /etc/services to configure the firewall. firewalld has its own definition of the services which are based in the /etc/firewalld/services directory. You also can write your own definitions and place them in /etc/firewalld/services.
https://ask.fedoraproject.org/en/question/107382/f25-invalid_service-submission-not-among-existing-services/