# Firewall configuration written by system-config-firewall # Manual customization of this file is not recommended. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -i lo -j ACCEPT -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 61616 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 22000 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 22001 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 22010 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 22011 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 20008 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 20007 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 2181 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 2888 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 3888 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 8020 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 50075 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 50020 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 50070 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 50010 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 20001 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 18080 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 1521 -j ACCEPT -A INPUT -j DROP -A FORWARD -j DROP -A OUTPUT -j ACCEPT COMMIT
service iptables restart
service iptables status
微信扫一扫打赏
