centos7下安装iptables防火墙,Apache,nginx

Centos7.0系统默认用firewall防火墙，先要停止firewall，然后安装iptables防火墙。注意在Centos7.0版本下，/etc/init.d/iptables restart 这样的命令是无效的，应该用systemctl命令。

#先关闭firewall
systemctl stop firewalld.service
#禁止firewall开机启动
systemctl disable firewalld.service
#查看防火墙状态
firewall-cmd –state
#安装iptables
yum install -y iptables
#安装iptables_services
yum install iptables-services

配置防火墙

vim /etc/sysconfig/iptables

允许80端口和3306通过防火墙

-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT 

 

#设置iptables开机启动
systemctl enable iptables.service
#开启防火墙
systemctl start iptables.service
#查看状态
systemctl status iptables.service

结果显示：Actice：active（exited）（高亮显示）

安装Apache

yum -y install httpd
#将Apache设置为开机启动
systemctl enable httpd.service

安装nginx

#nginx change

vi /etc/yum.repos.d/nginx.repo
#输入
[nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=0
enabled=1

#保存
yum install nginx -y
cp nginx.conf /etc/nginx
mkdir /usr/share/nginx/logs
mkdir /etc/nginx/logs
sudo /usr/sbin/nginx -c /etc/nginx/nginx.conf
systemctl enable nginx
/usr/sbin/nginx
# service nginx start