Lorem ipsum dolor sit amet, consectetur adipiscing elit. Test link

Search Suggest

Disable selinux on Centos 7 and set firewall-cmd

1.check status selinux enable or disable
#vim /etc/sysconfig/selinux
and Reboot system
ถ้าปิด Selinux ผิดจะขึ้น Error แบบนี้ : failed to load selinux policy freezing
ในหน้าบู๊ด ให้กด e แล้วมองหา linux16 แล้วเพิ่ม selinux=0 เข้าไป แล้ว ctrl+x เพื่อเข้าสู่ระบบ จากนั้นไปแก้ไขค่า
SELINUX=disabled ตามข้อมูลด้านบน
Go to the main command (usually starting with “linux16” or something similar) and add “selinux=0” as one of the parameters:
Ref: selinux policy freezing

Ref: disable-selinux-temporarily-permanently-in-centos-rhel-fedora/

2. Enable / Disable service

systemctl enable smb.service
systemctl enable nmb.service
systemctl restart smb.service
systemctl restart nmb.service

Restatr/Reload service
systemctl reload smb.service
systemctl restart smb.service

Check service runnig
systemctl list-unit-files
chkconfig --list |grep ชื่อของ service
systemctl | more
systemctl | grep httpd
systemctl list-units --type service

systemctl list-units --type service |grep ชื่อของ service
systemctl list-units --type mount

systemctl | grep smartd

View service running

systemctl stop firewalld
systemctl mask firewalld
yum install iptables-services
systemctl enable iptables
systemctl start iptablesmkdir
service iptables save

- iptables command
-A RH-Firewall-1-INPUT -p udp -m udp --dport 137 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 138 -j ACCEPT-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 445 -j ACCEPT

Check filrewall running ?
firewall-cmd --statesystemctl status firewalldSet firewalld
List service on zone public
firewall-cmd --zone=public --list-all
List only port
firewall-cmd --list-ports

Add service
# firewall-cmd --zone=public --permanent --add-service=samba
# firewall-cmd --zone=public --permanent --add-service=http
# firewall-cmd --reload
Remove service

#firewall-cmd --zone=public --remove-service=http

Add Port

firewall-cmd --zone=public --permanent --add-port=10000/tcp
firewall-cmd --zone=public --permanent --add-port=2500-2600/tcp

Delete port
firewall-cmd --remove-port=6161/tcp
firewall-cmd --zone=public --permanent --remove-port=10000/tcp
firewall-cmd --zone=public --permanent --remove-port=2500-2600/tcp

Save firewall
firewall-cmd --runtime-to-permanent
firewall-cmd --reload
firewall-cmd --get-services 

Ref: https://www.centos.org/forums/viewtopic.php?t=61108
Ref: quick-docs firewalld
Ref: firewall-cmd config

Đăng nhận xét