2,801 瀏覽數

CentOS 7 – Firewall , SELinux

因為實驗室單純試 Linux 下的某些功能,所以為了避免影響測試,我們會將 Firewall 以及 SELinux 關閉(安裝完預設都是開啟的).

Firewall

立即停止 Firewall (iptables) 功能.

[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
   Active: inactive (dead)
[root@localhost ~]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

調整開機後不要啟動 Firewall (iptables) 功能.

[root@localhost ~]# systemctl disable firewalld
[root@localhost ~]# systemctl list-unit-files |grep -i firewalld
firewalld.service                           disabled

SELinux

只能調整開機後不要啟動 selinux 功能.所以必須重新開關機.

[root@localhost ~]# vi /etc/sysconfig/selinux 
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled
#SELINUX=enforcing
# SELINUXTYPE= can take one of three two values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

[root@localhost ~]# reboot
[root@localhost ~]# sestatus 
SELinux status:                 disabled

#SELINUX 預設為 enforcing 需要修改成為 disabled .

網友的想法

  1. 自動參照通知: VNC – tigervnc – Benjr.tw

發表迴響