CentOS 6
Sponsored Link

FireWall
2014/08/01
[1] It's possible to show Service Status of FireWall like follows. (enabled by default)
[root@dlp ~]#
/etc/rc.d/init.d/iptables status

Table: filter
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
2    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0
3    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
4    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
5    REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited
.....
.....
# if it's not running, it shows "iptables: Firewall is not running."

[2]
If you use FireWall service, it needs to modify settings of it because incoming requests for services are mostly not allowed by default. Refer to here to basic operation and settings to configure iptables service.
[3] If FireWall service does not need for you because of some reasons like that some FireWall Machines are running in your Local Netowrk or others, it's possbile to stop and disable it like follows.
# stop service

[root@dlp ~]#
/etc/rc.d/init.d/iptables stop

iptables: Setting chains to policy ACCEPT: filter [  OK  ]
iptables: Flushing firewall rules: [  OK  ]
iptables: Unloading modules: [  OK  ]

# disable service

[root@dlp ~]#
chkconfig iptables off
SELinux
[4] It's possible to show Status of SELinux (Security-Enhanced Linux) like follows. (enabled by default)
[root@dlp ~]#
getenforce

Enforcing    
# SELinux is enabled
[5]
[6] If SELinux function does not need for you because of some reasons like that your server is running only in Local safety Network or others, it's possbile to disable it like follows.
[root@dlp ~]#
vi /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=disabled   # change to disabled
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

# restart to apply new setting

[root@dlp ~]#
Matched Content
 
Tweet