/*-----------------------------------------------------------------------------------------------------------------------*/
서버는 방화벽이 있어야겠지.. 설치해보자 centos7부터는 firewalld라고 함.
*참고 yum erase firewalld 패키지 삭제 몇번 지웠다 깔았다 해봐야됨..
/*----------------------------------------------------------------------------------------------------------------------*/
[root@localhost ~]# yum -y install firewalld firewall-config
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirror.oasis.onnetcorp.com
* extras: mirror.oasis.onnetcorp.com
* updates: mirror.oasis.onnetcorp.com
Resolving Dependencies
--> Running transaction check
---> Package firewall-config.noarch 0:0.3.9-11.el7 will be installed
---> Package firewalld.noarch 0:0.3.9-11.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
===================================================================================================================
Package Arch Version Repository Size
===================================================================================================================
Installing:
firewall-config noarch 0.3.9-11.el7 base 103 k
firewalld noarch 0.3.9-11.el7 base 465 k
Transaction Summary
===================================================================================================================
Install 2 Packages
Total download size: 569 k
Installed size: 3.1 M
Downloading packages:
(1/2): firewall-config-0.3.9-11.el7.noarch.rpm | 103 kB 00:00:00
(2/2): firewalld-0.3.9-11.el7.noarch.rpm | 465 kB 00:00:00
-------------------------------------------------------------------------------------------------------------------
Total 1.4 MB/s | 569 kB 00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : firewalld-0.3.9-11.el7.noarch 1/2
Installing : firewall-config-0.3.9-11.el7.noarch 2/2
Verifying : firewall-config-0.3.9-11.el7.noarch 1/2
Verifying : firewalld-0.3.9-11.el7.noarch 2/2
Installed:
firewall-config.noarch 0:0.3.9-11.el7 firewalld.noarch 0:0.3.9-11.el7
Complete!
[root@localhost ~]#
/*-----------------------------------------------------------------------------------------------------------------------*/
웹서버를 만드는 중이니 정책을 넣어야징 firewall-cmd로 정책 설정 가능
아파치 구동을 위해서는 80번포트를 사용하는걸로.. 그럼 시작
*참고 firewall-cmd --permanent 옵션은 서버재부팅/방화벽 재시작 시에도 적용되도록하는 옵션
/*----------------------------------------------------------------------------------------------------------------------*/
[root@localhost ~]# systemctl start firewalld.service <-(방화벽구동)
[root@localhost ~]# firewall-cmd --state <-(상태확인)
running <-(작동하고있네)
[root@localhost ~]# firewall-cmd --list-all <-(현재 정책을 보여줌)
public (default)
interfaces:
sources:
services: dhcpv6-client ssh
ports:
masquerade: no
forward-ports:
icmp-blocks:
rich rules:
[root@localhost ~]# firewall-cmd --add-port=80/tcp --permanent<-(아파치 실행을 위한 80번포트 개방)
success
[root@localhost ~]# firewall-cmd --reload <-(설정후 정책 다시 불러오기. 해주는게 좋음.)
success
[root@localhost ~]# firewall-cmd --list-all
public (default, active)
interfaces: enp0s25
sources:
services: dhcpv6-client ssh
ports: 80/tcp
masquerade: no
forward-ports:
icmp-blocks:
rich rules:
/*-----------------------------------------------------------------------------------------------------------------------*/
여기까지 아파치 설정을 위한 방화벽 설치및 설정 끝. 부족한점은 계속 업데이트..
/*----------------------------------------------------------------------------------------------------------------------*/
