当前位置:网站首页>Perform general operations on iptables
Perform general operations on iptables
2022-07-06 15:46:00 【Empty one by one】
One 、 Sort out the allowed access to IP Address
1、ES client IP Address
192.168.32.120 192.168.32.121
2、 The node's location in cluster IP Address
192.168.32.122 192.168.32.123 192.168.32.124
Two 、 Sign in ES host (ubantu For example ), Execute the following command
# establish iptables Policy save path
mkdir -p /etc/iptables
# Allow hosts in the cluster IP Visit native 9200 port
iptables -A INPUT -s 192.168.32.123 -p tcp --dport 9200 -j ACCEPT
iptables -A INPUT -s 192.168.32.124 -p tcp --dport 9200 -j ACCEPT
# allow ES client IP Address access to this machine 9200 port
iptables -A INPUT -s 192.168.32.120 -p tcp --dport 9200 -j ACCEPT
iptables -A INPUT -s 192.168.32.121 -p tcp --dport 9200 -j ACCEPT
# Prohibit all except the above policy IP Visit native 9200 port ( The last item )
iptables -A INPUT -p tcp --dport 9200 -j REJECT
# If you want to add the above strategy basically iptables Strategy , Use -I Parameters
iptables -I INPUT -s 192.168.32.121 -p tcp --dport 9200 -j ACCEPT
# View the added iptables The rules
iptables -L -n --line-numbers
# Delete an added iptables The rules
iptables -D INPUT 1
# Save added iptables Rule to local file path
iptables-save > /etc/iptables/iptables.rules
# Recover from a saved file iptables The rules
iptables-restore < /etc/iptables/iptables.rules
# Configure automatic loading after power on iptables Policy file edit iptables after
End of input iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080 after
perform iptables-save
Be careful :iptables-save It's connected , It's a command , It's not a parameter
iptables-save Just list the current settings , This is not to save the configuration
If you use RedHat series , You should use service iptables save preservation , use chkconfig iptables on Enable startup
If it is not RedHat series , You can manually save... Using the following method / Restore configuration
preservation
iptables-save > /root/iptables.conf
recovery
iptables-restore < /root/iptables.conf边栏推荐
- ucore lab 2
- 学习记录:STM32F103 时钟系统概述工作原理
- 数据在内存中的存储&载入内存,让程序运行起来
- STM32 learning record: play with keys to control buzzer and led
- 洛谷P1102 A-B数对(二分,map,双指针)
- Research Report on pharmaceutical R & D outsourcing service industry - market status analysis and development prospect forecast
- Opencv learning log 18 Canny operator
- 【高老师软件需求分析】20级云班课习题答案合集
- China earth moving machinery market trend report, technical dynamic innovation and market forecast
- Flink 使用之 CEP
猜你喜欢
Optimization method of path problem before dynamic planning
Learning record: Tim - capacitive key detection
力扣刷题记录
STM32學習記錄:輸入捕獲應用
【高老师软件需求分析】20级云班课习题答案合集
X-Forwarded-For详解、如何获取到客户端IP
学习记录:USART—串口通讯
Borg Maze (BFS+最小生成树)(解题报告)
信息安全-安全编排自动化与响应 (SOAR) 技术解析
Eslint--- error: newline required at end of file but not found (EOL last) solution
随机推荐
Determine the Photo Position
差分(一维,二维,三维) 蓝桥杯三体攻击
Cost accounting [17]
Research Report on shell heater industry - market status analysis and development prospect forecast
Opencv learning log 14 - count the number of coins in the picture (regardless of overlap)
【练习-6】(Uva 725)Division(除法)== 暴力
【练习-10】 Unread Messages(未读消息)
Cost accounting [15]
最全编程语言在线 API 文档
【练习-11】4 Values whose Sum is 0(和为0的4个值)
Learning record: USART serial communication
洛谷P1102 A-B数对(二分,map,双指针)
HDU - 6024 Building Shops(女生赛)
Research Report of cylindrical grinder industry - market status analysis and development prospect forecast
【练习-9】Zombie’s Treasure Chest
毕业才知道IT专业大学生毕业前必做的1010件事
信息安全-安全编排自动化与响应 (SOAR) 技术解析
ucorelab3
Accounting regulations and professional ethics [1]
C语言数组的概念