当前位置:网站首页>Perform general operations on iptables
Perform general operations on iptables
2022-07-06 15:46:00 【Empty one by one】
One 、 Sort out the allowed access to IP Address
1、ES client IP Address
192.168.32.120 192.168.32.121
2、 The node's location in cluster IP Address
192.168.32.122 192.168.32.123 192.168.32.124
Two 、 Sign in ES host (ubantu For example ), Execute the following command
# establish iptables Policy save path
mkdir -p /etc/iptables
# Allow hosts in the cluster IP Visit native 9200 port
iptables -A INPUT -s 192.168.32.123 -p tcp --dport 9200 -j ACCEPT
iptables -A INPUT -s 192.168.32.124 -p tcp --dport 9200 -j ACCEPT
# allow ES client IP Address access to this machine 9200 port
iptables -A INPUT -s 192.168.32.120 -p tcp --dport 9200 -j ACCEPT
iptables -A INPUT -s 192.168.32.121 -p tcp --dport 9200 -j ACCEPT
# Prohibit all except the above policy IP Visit native 9200 port ( The last item )
iptables -A INPUT -p tcp --dport 9200 -j REJECT
# If you want to add the above strategy basically iptables Strategy , Use -I Parameters
iptables -I INPUT -s 192.168.32.121 -p tcp --dport 9200 -j ACCEPT
# View the added iptables The rules
iptables -L -n --line-numbers
# Delete an added iptables The rules
iptables -D INPUT 1
# Save added iptables Rule to local file path
iptables-save > /etc/iptables/iptables.rules
# Recover from a saved file iptables The rules
iptables-restore < /etc/iptables/iptables.rules
# Configure automatic loading after power on iptables Policy file edit iptables after
End of input iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080 after
perform iptables-save
Be careful :iptables-save It's connected , It's a command , It's not a parameter
iptables-save Just list the current settings , This is not to save the configuration
If you use RedHat series , You should use service iptables save preservation , use chkconfig iptables on Enable startup
If it is not RedHat series , You can manually save... Using the following method / Restore configuration
preservation
iptables-save > /root/iptables.conf
recovery
iptables-restore < /root/iptables.conf边栏推荐
- TCP的三次握手与四次挥手
- Nodejs+vue网上鲜花店销售信息系统express+mysql
- 学习记录:使用STM32F1看门狗
- China's peripheral catheter market trend report, technological innovation and market forecast
- 0-1 knapsack problem (I)
- Research Report on shell heater industry - market status analysis and development prospect forecast
- Research Report on market supply and demand and strategy of China's land incineration plant industry
- 用C语言写网页游戏
- STM32 how to use stlink download program: light LED running light (Library version)
- Interesting drink
猜你喜欢
UCORE Lab 1 system software startup process
ucore lab5
STM32 learning record: LED light flashes (register version)
Ball Dropping
Record of force deduction and question brushing
csapp shell lab
程序员的你,有哪些炫技的代码写法?
信息安全-史诗级漏洞Log4j的漏洞机理和防范措施
Learning record: use STM32 external input interrupt
数据在内存中的存储&载入内存,让程序运行起来
随机推荐
【练习-7】(Uva 10976)Fractions Again?!(分数拆分)
mysql导入数据库报错 [Err] 1273 – Unknown collation: ‘utf8mb4_0900_ai_ci’
Accounting regulations and professional ethics [1]
信息安全-安全编排自动化与响应 (SOAR) 技术解析
ucore lab7
China's peripheral catheter market trend report, technological innovation and market forecast
Research Report of exterior wall insulation system (ewis) industry - market status analysis and development prospect prediction
程序员的你,有哪些炫技的代码写法?
nodejs爬虫
动态规划前路径问题优化方式
Indonesian medical sensor Industry Research Report - market status analysis and development prospect forecast
ucore lab 2
Cost accounting [16]
csapp shell lab
0-1 knapsack problem (I)
学习记录:TIM—基本定时器
Research Report of cylindrical grinder industry - market status analysis and development prospect forecast
Cost accounting [23]
Opencv learning log 15 count the number of solder joints and output
Cost accounting [13]