hackerlpy 2017-04-25
/bin/systemctl stop firewalld.service
systemctl disable firewalld.service
yum install iptables-services
Package iptables-services-1.4.21-17.el7.x86_64 already installed and latest version
vi /etc/sysconfig/iptables
-A INPUT -m state --state NEW -m tcp -p tcp --dport 6070 -j ACCEPT
/bin/systemctl start iptables.service
systemctl enable iptables.service
iptables -L
yum install nc
nc 106.14.21.223 6070
rpm –q telnet-client
[root@iZuf6492eksiqtd5hy86f8Z pay]# iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080
[root@iZuf6492eksiqtd5hy86f8Z pay]# iptables -t nat -A PREROUTING -p tcp --dport 16070 -j REDIRECT --to-port 6070
[root@iZuf6492eksiqtd5hy86f8Z pay]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
service iptables status
/bin/systemctl restart iptables iptables.service
/bin/systemctl start iptables iptables.service
/bin/systemctl stop iptables iptables.service
#查看已经开放的端口
[root@localhost bin]# netstat -tln
#查看网络连接
netstat -apn
#查看端口使用情况
[root@localhost bin]# lsof -i:3306
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
mysqld 2728 mysql 30u IPv6 27628 0t0 TCP *:mysql (LISTEN)
lsof -i TCP| fgrep LISTEN
[root@localhost bin]# netstat -anlp | grep 3306
tcp6 0 0 :::3306 :::* LISTEN 2728/mysqld
unix 3 [ ] STREAM CONNECTED 33068 3360/pulseaudio
[root@localhost bin]# nc -lp 9393 &
[root@localhost bin]# netstat -an | grep 9393
tcp 0 0 0.0.0.0:9393 0.0.0.0:* LISTEN
tcp6 0 0 :::9393 :::* LISTEN
vi /etc/sysconfig/iptables
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 9393 -j ACCEPT
[root@localhost nescafe]# /bin/systemctl start firewalld.service