Otu esi emepe ọdụ ụgbọ mmiri maka adreesị IP akọwapụtara na Firewalld
Kedu ka m ga-esi kwe ka okporo ụzọ si na adreesị IP dị na netwọk nkeonwe m ma ọ bụ kwe ka okporo ụzọ si na netwọk nkeonwe site na firewalld, gaa n'ọdụ ụgbọ mmiri ma ọ bụ ọrụ na Red Hat Enterprise Linux (RHEL) ma ọ bụ CentOS server?
N'ime edemede a dị mkpirikpi, ị ga-amụta ka esi emepe ọdụ ụgbọ mmiri maka adreesị IP kpọmkwem ma ọ bụ netwọk netwọk na RHEL ma ọ bụ CentOS nkesa gị na-agba ọkụ firewalld.
Ụzọ kachasị mma isi dozie nke a bụ iji mpaghara firewalld. Yabụ, ịkwesịrị ịmepụta mpaghara ọhụrụ nke ga-ejide nhazi ọhụrụ (ma ọ bụ ị nwere ike iji mpaghara ọ bụla echekwara echekwabara).
Mepee ọdụ ụgbọ mmiri maka adreesị IP akọwapụtara na Firewalld
Buru ụzọ mepụta aha mpaghara kwesịrị ekwesị (n'ọnọdụ anyị, anyị ejirila mariadb-access
mee ka ịnweta sava nchekwa data MySQL).
# firewall-cmd --new-zone=mariadb-access --permanent
Na-esote, bugharịa ntọala firewalld ka itinye mgbanwe ọhụrụ ahụ. Ọ bụrụ na ịgafe nzọụkwụ a, ị nwere ike nweta mperi mgbe ị na-agbalị iji aha mpaghara ọhụrụ. N'oge a, mpaghara ọhụrụ kwesịrị ịpụta na listi mpaghara dịka e gosipụtara na nseta ihuenyo na-esonụ.
# firewall-cmd --reload # firewall-cmd --get-zones
Ọzọ, tinye adreesị IP isi iyi (10.24.96.5/20) na ọdụ ụgbọ mmiri (3306) nke ịchọrọ imeghe na sava mpaghara dịka egosiri. Wee bugharịa ntọala firewalld ka itinye mgbanwe ọhụrụ ahụ.
# firewall-cmd --zone=mariadb-access --add-source=10.24.96.5/20 --permanent # firewall-cmd --zone=mariadb-access --add-port=3306/tcp --permanent # firewall-cmd --reload
N'aka nke ọzọ, ịnwere ike ịhapụ okporo ụzọ site na netwọkụ niile (10.24.96.0/20) gaa na ọrụ ma ọ bụ ọdụ ụgbọ mmiri.
# firewall-cmd --zone=mariadb-access --add-source=10.24.96.0/20 --permanent # firewall-cmd --zone=mariadb-access --add-port=3306/tcp --permanent # firewall-cmd --reload
Iji gosi na mpaghara ọhụrụ ahụ nwere ntọala achọrọ dị ka agbakwunyere n'elu, jiri iwu na-esonụ lelee nkọwa ya.
# firewall-cmd --zone=mariadb-access --list-all
Wepu Port na Mpaghara na Firewalld
Ị nwere ike wepu adreesị IP ma ọ bụ netwọk isi iyi dịka egosiri.
# firewall-cmd --zone=mariadb-access --remove-source=10.24.96.5/20 --permanent # firewall-cmd --reload
Iji wepu ọdụ ụgbọ mmiri na mpaghara ahụ, nye iwu a, wee bugharịa ntọala firewalld:
# firewall-cmd --zone=mariadb-access --remove-port=3306/tcp --permanent # firewall-cmd --reload
Iji wepụ mpaghara ahụ, mee iwu na-esonụ, ma bugharịa ntọala firewalld:
# firewall-cmd --permanent --delete-zone=mariadb-access # firewall-cmd --reload
Ikpeazụ ma ọ bụghị ndepụta, ị nwekwara ike iji firewalld ọgaranya iwu. Nke a bụ ọmụmaatụ:
# firewall-cmd --permanent –zone=mariadb-access --add-rich-rule='rule family="ipv4" source address="10.24.96.5/20" port protocol="tcp" port="3306" accept'
Ntụaka: Iji na ịhazi firewalld na akwụkwọ RHEL 8.
Ọ bụ ya! Anyị na-atụ anya na azịza ndị dị n'elu baara gị uru. Ọ bụrụ ee, mee ka anyị mara site n'ụdị nzaghachi n'okpuru. Ị nwekwara ike ịjụ ajụjụ ma ọ bụ kesaa nkwupụta izugbe gbasara isiokwu a.