Urupapuro rwibanze / Ingingo /

Kugena Firewall muri Centos 7

Anonim

Kugena Firewall muri Centos 7

Firewall yashizwe muri sisitemu y'imikorere ikoreshwa mu gukumira traffike itemewe hagati yimiyoboro ya mudasobwa. Igitabo cyangwa gihita gitanga amategeko yihariye ya firewall, ashinzwe kugenzura. Muri OS, yateye imbere kuri kernel ya Linux, CONTOS 7 hari firewall yubatswe, kandi igenzurwa na firewall. Umuriro usanzwe urimo, kandi turashaka kubiganiraho uyu munsi.

Hindura Firewall muri Centos 7

Nkuko byavuzwe haruguru, firewall isanzwe muri Centos 7 yahawe agaciro firewal. Niyo mpamvu igenamigambi rya firewall rizasuzumwa kurugero rwiki gikoresho. Urashobora gushiraho amategeko ashungura hamwe nazo rimwe gusa, ariko birakorwa bitandukanye gato. Turasaba kubimenyereye hamwe niboneza ryingirakamaro ukanze kumurongo ukurikira, kandi tuzatangira kwicika intege.

Niba umaze guhagarika by'agateganyo cyangwa burundu guhagarika firewall, turagugira inama yo gukoresha amabwiriza yatanzwe muyindi ngingo ukurikije umurongo ukurikira.

Soma birambuye: Hagarika Firewall muri Centos 7

Reba amategeko asanzwe hamwe na zone zihendutse

Ndetse na firewall isanzwe ifite amategeko yayo asobanutse hamwe na zone. Mbere yo gutangira guhindura umunyapolitiki, turagugira inama yo kumenyera iboneza riho. Ibi bikorwa ukoresheje amategeko yoroshye:

  1. Agace gasanzwe kazerekana firewall-CMD - itegeko-risanzwe.

    2. Kureba Firewall Firewall muri Centos 7

  2. Nyuma yo gukora, uzabona umugozi mushya aho parameter yifuzwa izerekanwa. Kurugero, "ahatabaye" "bisuzumwa mumashusho hepfo.

    3. Kugaragaza akarere ka firewault muri Centos 7

  3. Ariko, uduce twinshi turashobora guhita dukora, usibye, bafitanye isano nimikorere itandukanye. Shakisha aya makuru ukoresheje Firewall-CMD --Gege-Zone-Zones.

    4. Reba aho bakora ibintu byose muri Centos 7

  4. Firewall-CMD - itegeko ryose rizerekana amategeko yashyizweho kuri zone isanzwe. Witondere amashusho hepfo. Urabona ko rubanda rukora "rubanda" rwahawe itegeko "risanzwe" - imikorere isanzwe, intera enp0s3 Imigaragarire na serivisi ebyiri zongeweho.

    5. Reba amategeko ya zone ikora ya pharyvol muri terminal muri Centos 7

  5. Niba ufite icyifuzo cyo kwiga ahantu hose haboneka firewall, andika Firewall-CMD - Zone.

    6. Kubona urutonde rwibice byose biboneka binyuze muri terminal muri Centos 7

  6. Ibipimo byakarere runaka bisobanuwe binyuze kuri firewall-cmd --Zone = izina - byose, nihe izina ryakarere.

    7. Kugaragaza Amategeko yubuso bwa firewall binyuze muri terminal muri Centos 7

Nyuma yo kumenya ibisabwa bisabwa, urashobora kwimukira mumpinduka zabo hanyuma wongere. Reka dusesengure inshuro nyinshi zigezweho muburyo burambuye.

Gushiraho interineti

Nkuko mubizi kumakuru hejuru, agace kawe gasanzwe gasobanurwa kuri buri nterineti. Bizaba birimo kugeza igenamiterere rihindura umukoresha cyangwa gahunda. Birashoboka kwimura intoki umurongo kuri zone kuri buri somo, kandi bikorwa mugukora sudo firewall-cmd --Zone = Urugo Itegeko - Itegeko-Imigaragarire = eth0. Igisubizo "Intsinzi" yerekana ko iyimurwa ryagenze neza. Wibuke ko igenamiterere nkiryo risubirwamo nyuma yo kongera gukoresha firewall.

Shinga interineti yihariye kubutaka bwa firewall muri Centos 7

Hamwe nimpinduka nkiyi mubipimo, bigomba kwizirikana ko imikorere ya serivisi ishobora gusubirwamo. Bamwe muribo ntibashyigikiye imikorere ahantu runaka, reka tuvuge, SSH nubwo igerwaho "murugo", ariko mumukoresha cyangwa serivisi idasanzwe izakora. Menya neza ko interineti yahujwe neza nishami rishya, yinjira muri firewall-cmd --ge-akarere.

Reba aho ukora prosenola hamwe nimikorere yacyo muri Centos 7

Niba ushaka gusubiramo igenamiterere ryakozwe mbere, kora gusa ubwunganire bwa firewall: sudo sisitemu yo gutangira firewal.Service.

Ongera utangire firewall nyuma yo guhinduranya muri Centos 7

Rimwe na rimwe, ntabwo buri gihe byoroshye guhindura interineti mugice kimwe gusa. Muri iki gihe, uzakenera guhindura dosiye iboneza kugirango igenamiterere ryose rishyizwe ku buryo buhoraho. Kugira ngo dukore ibi, turagugira inama yo gukoresha umwanditsi wa Nano, tukabarwa mububiko bwemewe bwa Sudo Yum shyira nano. Ibikurikira biracyari ibyo bikorwa:

  1. Fungura dosiye iboneza ukoresheje umwanditsi winjiye sudo nano / etc / sysconfig / umuyoboro-etcfg / eth0, aho eth0 nizina ryibisabwa.

    2. Gufungura dosiye ya firevol iboneza muri Centos 7

  2. Emeza konte yawe kwemeza kugirango ukore ibindi bikorwa.

    3. Injira ijambo ryibanga kugirango ufungure dosiye iboneza yimikoreshereze muri Centos 7

  3. Imiterere ya "Zone" kandi igahindure agaciro kayo, kurugero, rusange cyangwa murugo.

    4. Guhindura interineti ukoresheje dosiye iboneza muri Centos 7

  4. Fata Ctrl + o urufunguzo kugirango uzigame impinduka.

    5. Gufata amajwi mumyandiko yandika Contos 7

  5. Ntugahindure izina rya dosiye, ariko kanda gusa kuri Enter.

    6. Gutanga dosiye kugirango wandike impinduka muri centos wanditse 7

  6. Sohoka umwanditsi wanditse muri Ctrl + X.

    7. Sohoka umwanditsi wanditse nyuma ya centos 7

Noneho inkomoko ya interineti izaba imwe wabigaragaje, kugeza ubutaha guhindura dosiye iboneza. Kubipimo bigezweho, koresha sudo gahunda ya sisitemu yo gutangira imiyoboro.service na sudo sisitemu yo gutangira firewanld.Service.

Gushiraho akarere gasanzwe

Hejuru, tumaze kwerekana ikipe igufasha kwiga akarere gasanzwe. Irashobora kandi guhinduka mugushiraho ibipimo kubyo wahisemo. Kugirango ukore ibi, muri konsole, birahagije kwiyandikisha SUDO Firewall-CMD - isanzwe-ya zone = izina, niryo izina, nizina ryizina rya zone isabwa.

Intego ya zone isanzwe ya firewall muri Centos 7

Intsinzi y'Itegeko rizagaragaramo ko inyandiko "intsinzi" mu murongo wihariye. Nyuma yibyo, interineti zose zubu zizavuka kuri zone yagenwe, niba irindi ridasobanuwe muri dosiye iboneza.

Icyerekezo cyatsinze muri zone isanzwe muri Centos 7

Gukora amategeko kuri gahunda na Urwego

Mu ntangiriro yingingo, twaganiriye kubikorwa bya buri karere. Gusobanura serivisi, ibikorwa na gahunda mumashami bigomba kwemerera gukoresha ibipimo byihariye kuri buri kimwe muri buri mukoresha. Kugirango dutangire, turagugira inama yo kumenyera urutonde rwuzuye rwa serivisi ziboneka muriki gihe: Firewall-CMD - Serivisi.

Itegeko ryo kureba riboneka muri serivisi ya serivisi ya Centes 7

Igisubizo kizerekanwa muri konsole. Buri seriveri igabanijwe numwanya, kandi urashobora kubona byoroshye igikoresho ushimishijwe. Niba serivisi ikenewe ibuze, igomba kuba yarashyizweho. Ku Mategeko yo kwishyiriraho, soma mubyangombwa bya software.

Urutonde rwa serivisi ziboneka muri Centos 7

Itegeko ryavuzwe haruguru ryerekana gusa amazina ya serivisi. Ibisobanuro birambuye kuri buri kimwe muri byo kiboneka binyuze muri dosiye kugiti cye kumuhanda / usr / lib / firewalld / serivisi. Inyandiko nkizo zifite imiterere ya XML, inzira, kurugero, kuri ssh isa nkiyi: /USR/Firewalld/Sh.xml, kandi inyandiko ifite ibiyiti bikurikira:

Ssh.

Igikonoshwa kitekanye (ssh) ni protocole yo kwinjira no gukora amategeko kumashini ya kure. Itanga itumanaho ryizewe. Niba uteganya kugera kuri mashini yawe ukoresheje ssh hejuru yimikorere yaka umuriro, fasha ubu buryo. Ukeneye paki ya Opensh-seriveri yashyizwe kuriyi nzira kugirango ingirakamaro.

Inkunga ya serivisi ikora muri zone runaka intoki. Muri terminal, ugomba gushyiraho sudo firowall-cmd --Zone = rusange - Serivise = APORT-PORMOMS-REVER-SERIVISI-SERIVISI = HTTP - Izina rya serivisi. Menya ko impinduka nkizo zizemezwa gusa mugihe kimwe.

Ongeraho Serivisi kuri Contome ya Crotos 7

Kwiyongera guhoraho bikorwa binyuze muri Sudo Firewall-CMD --Zone = rusange - PORTMBent - SERIVISI = HYP, na ibisubizo "gutsinda" byerekana kurangiza neza ibikorwa.

Ihoraho yongeraho serivisi muri Cenvola ya 7

Urashobora kureba urutonde rwuzuye rwakarere runaka ugaragaza urutonde mumurongo wihariye wa konsole: sudo firewall-cmd --Zone = rusange - serivisi-rusange.

Reba urutonde rwa serivisi zihoraho Centos 7

Ikibazo cyo gufata ibyemezo kubwo kubura serivisi

Amategeko asanzwe ya firewall agaragazwa nibikorwa bizwi cyane kandi bifite umutekano nkuko byemewe, ariko porogaramu zisanzwe cyangwa za gatatu zihagarara. Muri iki kibazo, umukoresha akeneye gufata intoki kugirango ahindure igenamiterere kugirango bakemure ikibazo. Urashobora kubikora muburyo bubiri butandukanye.

Icyambu

Nkuko mubizi, serivisi zose zurusobe zikoresha icyambu cyihariye. Bigaragara byoroshye na firewall, kandi ibirungo birashobora gukorwa. Kugira ngo wirinde ibikorwa nkibi muri firewall, ugomba gufungura icyambu cyifuzwa cya sudo firewall-cmd --Zone - Port-Port-TCP, AHO - URUBUGA Port = 0000 / TCP - Umubare wa Port na protocole. Firewall-CMD - Ihitamo ryanditse rizerekana urutonde rwibyambu bifunguye.

Gufungura icyambu muri ceneto ya Firewos 7

Niba ukeneye gufungura ibyambu birimo intera, koresha SMD Umugozi wa SMDewall --Zone = rusange - Port-Icyambu = 000099 / UDP - Urubanza na protocole yabo.

Gufungura icyambu muri croncola yihariye ya cenetos 7

Amabwiriza yavuzwe haruguru akwemerera kugerageza gukoresha ibipimo bisa. Niba yaranyuze neza, ugomba kongeramo ibyambu bimwe, kandi ibi bikorwa winjiza sudo firewall-cmd --Zone = rusange - PMP ya TCP cyangwa SudoWall-CMD - Zone = rusange --permanent - icyambu = 0000-9999 / UDP. Urutonde rwibimenyetso bihamye bifatwa nkibi bikurikira: SMDO Firewall-CMD --Zone = rusange - Prissmant - Ibyambu.

Ibisobanuro bya serivisi

Nkuko mubibona, ongeraho ibyambu ntibitera ingorane, ariko inzira iragoye mugihe ibyifuzo bikoresha amafaranga menshi. Gukurikirana ibyambu byose byakoreshejwe biragoye, urebye ko kwiyemeza serivisi bizaba byoroshye amahitamo:

  1. Gukoporora dosiye iboneza ukoresheje Sudo Cp /USR/Firewalld/Serml /SEMLY IZINA / Urugero rwa dosiye ya serivisi, nurugero.xml ni Izina rya kopi zayo.

    2. Gukoporora dosiye ya dosiye ya dosiye muri Centos 7

  2. Fungura kopi kugirango uhindure ukoresheje inyandiko iyo ari yo yose, kurugero, sudo nano /etc/firewalld/seamplevices/zemple.xml.

    3. Gutangira CONTOS CREONES 7

  3. Kurugero, twashizeho kopi ya serivisi ya HTTP. Muri inyandiko, ukubonaga ahanini metadata zitandukanye, kurugero, izina rigufi namagambo. Ireba seriveri gukora gusa impinduka za nimero yicyambu na protocole. Hejuru yumugozi "" ugomba kongerwaho kugirango ufungure icyambu. TCP - Yakoreshejwe Porotokole, a 0000 - nimero ya Port.

    4. Ubugororangingo kuri dosiye ya serivisi kugirango ifungure ibyambu muri Centos 7

  4. Bika impinduka zose (Ctrl + o), Funga dosiye (Ctrl + X), hanyuma utangire firewall kugirango ukoreshe ibipimo binyuze muri Sudo Firewall-CMD --ReTaLe. Nyuma yibyo, serivisi izagaragara kurutonde rwibiboneka, ishobora kurebwa binyuze muri Firewall-CMD - Serivisi.

    5. Kugarura serivisi ya firevol muri Centos 7

Ugomba guhitamo gusa igisubizo gikwiye kubibazo bya serivisi kugirango ubone serivisi kandi usohoze amabwiriza yatanzwe. Nkuko mubibona, ibikorwa byose bikorwa byoroshye, kandi ntihagomba kubaho ingorane.

Gukora ahantu gakondo

Usanzwe uzi ko mu ntangiriro umubare munini wibice bitandukanye hamwe namategeko yasobanuwe muri Firewalld. Ariko, ibihe bibaho mugihe umuyobozi wa sisitemu akeneye gukora akarere k'umukoresha, nka "Reserweb" kuri web urubuga rwashyizweho cyangwa "kwikorera kuri interineti" - kuri seriveri ya DNS. Kuri izi ngero zombi, tuzasesengura kongeramo amashami:

  1. Kora uturere twose duhoraho na sudo firewall-cmd --permanent --new-zone = cmdwob na sudo firewall-cmd - cmd - zone = zone.

    2. Ongeraho umukoresha mushya wa cetos 7

  2. Bazaboneka nyuma yo kongera kwishyura ibikoresho bya SMD - CMD --Beload. Kugaragaza uturere duhoraho, andika sudo firewall-cmd --permanent - aho-zone.

    3. Reba firewall yagenwe muri Centos 7

  3. Kubaha serivisi zikenewe, nka "ssh", "http" na "https". Ibi bikorwa na Sudo Firewall-CMD --Zone = Umunyamakuru Wedweb - Umunyamakuru-Servineb - CMDWob Ongeraho- serivisi = HTTPS, aho - Manzane = magicswab nizina rya zone kugirango wongere. Urashobora kureba ibikorwa bya serivisi mugutegereza Firewall-cmd --Zone = Umunyamakuru wa Recweb - Byose-Byose.

    4. Ongeraho Serivisi muri Centos 7

Duhereye kuriyi ngingo, wize gukora ahantu fatiro kandi wongere serivisi kuri bo. Tumaze kubabwira intera yo hejuru no gutanga ibisobanuro hejuru, urashobora kwerekana gusa amazina yukuri. Ntiwibagirwe gutangira firewall nyuma yo guhindura ikintu cyose gihoraho.

Nkuko mubibona, firewall firewall nigikoresho cya ecficly yagufasha gukora iboneza rya firewall. Biracyahari gusa kugirango umenye neza ko ibikorwa byatangiriye kuri sisitemu namategeko yihariye ahita atangira akazi kabo. Bikore hamwe na sudo sisitemu ishoboza firewalld itegeko.

Soma byinshi

Kuramo VoIP.dll ku Isi Ya Tanks
Kubikorwa byiza, isi y'ibigega irakenewe kugirango ubone amasomero yose akenewe kuri mudasobwa. Mubo biherereye kandi voip.dll ushinzwe ibice byijwi...
Tiworker.exe Utunganya Kohereza
Ibice byingenzi bya Windows, kimwe na porogaramu iyo ari yo yose, koresha ibikoresho bya sisitemu, ube imbaraga za CPU, ingano ya disiki ikomeye (ikomeye)...
Nigute ushobora guhagarika kwiyandikisha kuri iPhone
Ububiko bwa App muri iki gihe butanga abakiriya bayo ibintu byinshi bitandukanye byo gukuramo: Umuziki, firime, ibitabo, porogaramu. Rimwe na rimwe,...
Gukuramo abashoferi kuri scx-3205
Urukurikirane rw'ibikoresho byinshi bya Samsung Mulduncmuction kuri code rusange ifite icyitegererezo kinini, harimo 3205. Nyuma yo kugura ibikoresho...
Nigute Gusiba Internet Explorer kuva mudasobwa kuri Windows 7
Ntabwo ari ibanga umushakisha wa enterineti ya enterineti idakoresha cyane cyane kubakoresha bityo bamwe bashaka kubikuraho. Ariko mugihe ugerageza...
Kora hamwe na masike muri Photoshop
Mask nimwe mubikoresho byinshi byisi muri Photoshop. Bakoresha uburyo bwo gutunganya amashusho yangiza, gutanga ibintu, gukora inzibacyuho no gukoresha...
Foromaje kuri burger, ikigaragara
Amatungo y'intama: Amazina meza nibiranga, ubwoko bunini
Ubwoko bw'imyenda - ni iyihe marnics, ibyiciro byabo, izina, ibihimbano
Amafoto yizunguruka utazigera wibagirwa
10 Ibibazo bya Renault Avana, abaguzi batakeka
E420 Sorbittol, ubukorikori - ibikorwa ku buzima, inyungu no kugirira nabi, ibisobanuro
Kabarga: Umumarayika Umunuko, Abadayimoni
amakuru ashimishije ku bijanye n'igitsina tantric, amategeko yayo
Guhuza kokayine birashobora kugenwa nurutoki
Byose kuri Dühs - Cherry na Hybrides
Amaguru yinyuma yimbwa arimo gutanga inzira no gutatana: icyo gukora | impamvu, impamvu
Impamvu 23 zo Kwita ku Isabukuru ya Jennifer Lawrence
Inzira Nziza Nziza Zireba Kuva kumunsi wa 5 na 6 wicyumweru cyimyambarire ya Paris
Jennifer Aniston Amafoto | Jennifer Aniston style | Jennifer Aniston pics
Amasezerano ya Verdun
Amavuta y'ingurube ya Vietnam-Style hamwe na salade nziza y'ibyatsi
Hobby Lobby Amaboko arenga 5.500 yatumijwe mu buryo butemewe n'amategeko
Niki Port ya USB kuri Nest Mwaramutse Yakoreshejwe?
Ibirayi hamwe na foromaje byokeje resept | Ibikoresho bike cyane kubiryo byo hejuru
Amasosiyete meza yo gukodesha ibikoresho byiza byo muri 2022
Isaha y'ubururu niyihe?
Kim Kardashian yigeze kugira ubwoba ko 'Ntuzongere Kujya Guhuza Igitsina'
Soho Loft hamwe na Honey-Comb Skylight Amaherezo Igurisha Miliyoni 2.15 Nyuma yamezi 6 kumasoko
NASA mubyogajuru NASA ivuga kubyerekeye gusubira murugo mubuzima
Nigute ushobora guteka umuceri uhumanye neza / Mu isafuriya, guteka buhoro, microwave - ingingo yo mu gice "Uburyo bwo guteka" kurubuga
Kwihorera bitanga inkuru ikomeye iteye ubwoba kubyerekeye iterabwoba ryegereje umubyeyi
Nigute ushobora gushushanya imisumari yawe mugihe cy'itumba: amabara nubuhanga bwo kwiyerekana
Uburyo Neurocomic Yinjira mumutwe wawe
Abagore b'ibyamamare bafite ADHD Bize Kumurika
Samuel L. Jackson arengera Quentin Tarantino gukoresha 'N-ijambo'
Abakoresha Firefox mwirinde: CCleaner ihanagura igenamiterere rya Firefox muburyo busanzwe
Rihanna Yohereje Ubutumwa Bwubwiza Namafoto Yurubuga Yerekana Inkovu za Model
Kurenga kuri Beatles: Ihuza rya George Harrison ritunguranye na SFF
7 Ubwiza bwa Ford F-150 Umurabyo Amashanyarazi Ikamyo
Komeza Guhuza Inzira Yubwenge Na Whatsapp - Kohereza no Kwakira Ubutumwa Kubusa
'Igitangaza': Uburyo Umwamikazi Yishyize hamwe kugirango akore Classic

© 2024 Gusana mudasobwa
Mudasobwa na terefone nziza - uburyo bwo gukora no gusana, inama zingirakamaro

nl en af am ar az be bg bn bs ca ceb cs cy da de el eo es et eu fa fi fr fy ga gl gu ha he hi hmn hr ht hu hy id ig is it ja jv ka kk km kn ko ku ky lb lo lt lv mg mk ml mn mr ms mt my ne no ny or pa pl ps pt ro rw sd si sk sl sm sn so sq sr st su sv sw ta te tg th tk tl tr tt ug uk ur uz vi xh yi yo zh-CN zh-TW zu