今天發現之前為了測試用途架設的splunk突然無法連線,本來也沒特別在意,以為是splunk daemon出問題,但重裝後,發現一樣連不到,檢查servie一些daemon也都顯示正常,後來才想起可能是iptables的原因,一把iptable stop就馬上可以連結,由於對iptables不是很熟,就直接抄襲系統預設都ssh port 直接copy把,splunk web 的default port 8000打開
##/etc/sysconfig/iptables
[root@splunk ~]# cat /etc/sysconfig/iptables
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8000 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
沒有留言:
張貼留言