centos 单用户模式关闭防火墙（CentOS single user mode closes firewall）

centos 单用户模式关闭防火墙（CentOS single user mode closes firewall） centos 单用户模式关闭防火墙(CentOS single user mode closes firewall) Through a long time CentOS system learning, we learn more knowledge, here, we mainly study the CentOS system in the normal state, the host server boot (or restart), to automatically boot Linux boot to multi user mode guided by the system program, and to provide the normal network service. If the system administrator needs to maintain the system or start an exception when the system starts, you need to enter the single user mode or fix mode to manage the system. The premise of using the single user mode is that your system boot (grub) works properly, otherwise you need to use the fix mode for system maintenance. Special note: entering single user mode, no network services, remote connections are not supported The different operation level in CentOS system (Run Level) on behalf of the running state of the system, such as a Linux server running operating at Level 3, is a multi user mode can provide network services; and the operation level 1 only allows administrator to operate through a single console server host, namely "single user mode". Take CentOS system as an example: The CentOS system enters single user mode The premise of entering the single user mode is that the CentOS system boot can work properly. Take GRUB as an example to illustrate the entry method. In the GRUB Startup menu, there are three buttons, "a", "e" and "C", which can enter the single user mode using the three keys. Use the "a" button to enter the single user mode - Recommended: simple operation This is the fastest way for CentOS systems to enter single user mode. In the GRUB Startup menu, use the a operation button to edit the kernel parameter, and enter single at the end of the line to tell the Linux kernel that the subsequent boot process needs to enter the single user mode and enter the carriage. After entering the single user mode When the CentOS system into single user mode, do not need to enter a username and password, the CentOS system will start after the completion of root to get the administrator permissions, the console prompt "#". Console interface in single user mode In the boot information above, there is a message that is critical: Remounting root filesystem in read-write mode:[OK] indicates the root file in this single user mode, and the CentOS system is in a readable and writable state. Only the root file system is readable and written, CentOS system administrators can maintain the system. If the system configuration and script file errors, the root file system in single user mode to enter the "read-only file system" read-only, at this point, you can use the following command to read and write the way to mount the root file system: Sh-3.1 mount -o remount RW -t # / ext3 When the CentOS system into single user mode, because has stopped any network services and network configuration (network interface invalid), there will not be any other person (through the network) running state interference in CentOS system, the administrator can be assured of the system of the CentOS system level maintenance operation. In the single user mode, the CentOS system is a fully functional operating system in addition to having no network function. In the single user mode, you can do the following maintenance and management: Reset the super user password Maintain partitions of the CentOS system, LVM, and file systems Backup and restore CentOS system A typical application of a single user mode is the password settings for root users". CentOS system for some temporary use or experimental purposes (such as students, laboratory) often replace users and root users password may be lost, then you can change into single user mode root user password. Sh-3.1 passwd # Changing, password, for, user, root. New UNIX password: Retype new UNIX password: Passwd: all authentication tokens updated successfully. CentOS when the system into single user mode, execute the passwd command in the "#" prompt root can update the user's password, the system is restarted when the CentOS can use the updated root password to log on to the system. CentOS close firewall method Daquan Browse: 155| update: 2013-10-05 00:59 CentOS is the Linux release of first contact with friends may not know CentOS firewall method is what? Next, this article will introduce using the command line to close the CentOS firewall. We can use the following command: #/sbin/iptables, -I, INPUT, -p, TCP, --dport, 80, -j, ACCEPT #/sbin/iptables, -I, INPUT, -p, TCP, --dport, 22, -j, ACCEPT #/etc/rc.d/init.d/iptables save After you restart your computer, the firewall has opened 80 and 22 ports by default by two. Temporarily completely shut down the firewall, you can not restart the machine: #/etc/init.d/iptables status ## view firewall status #/etc/init.d/iptable stop ## the firewall #/etc/init.d/iptable restart ## to restart the firewall Permanently close the firewall: #chkconfig --level 35 iptables off (note that the middle is two small British short line, restart) The way to set up the firewall open port is as follows: VI /etc/sysconfig/iptables When you change your firewall, you'd better leave the management port of VNC and SSH. Here is an example of iptables: # Firewall configuration written by system-config-securitylevel Manual customization of this file is # not recommended.*filter : INPUT, ACCEPT, [0:0] : FORWARD, ACCEPT, [0:0] : OUTPUT, ACCEPT, [0:0] : RH-Firewall-1-INPUT - [0:0] -A INPUT -j RH-Firewall-1-INPUT -A FORWARD -j RH-Firewall-1-INPUT -A, RH-Firewall-1-INPUT, -i, lo, -j, ACCEPT 一rh-firewall-1-input P ICMP–ICMP类型任何-j ACCEPT 一rh-firewall-1-input P 50 -j ACCEPT 一rh-firewall-1-input P 51 -j ACCEPT 一rh-firewall-1-input M状态–状态建立，相关-j ACCEPT 一rh-firewall-1-input M状态–状态新米的TCP -p tcp–--dport 53 -j ACCEPT 一rh-firewall-1-input M状态–状态新M P UDP UDP–--dport 53 -j ACCEPT 一rh-firewall-1-input M状态–状态新米的TCP -p tcp–--dport 22 -j ACCEPT 一rh-firewall-1-input M状态–状态新米的TCP -p tcp–--dport 25 -j ACCEPT 一rh-firewall-1-input M状态–状态新米的TCP -p tcp–--dport 80 -j ACCEPT 一rh-firewall-1-input M状态–状态新米的TCP -p tcp–--dport 443 -j ACCEPT 一rh-firewall-1-input J拒绝–拒绝ICMP主机禁止 承诺 要根据自己需求情况来修改这个文件，举例来说，如果你不希望开放80端口提供Web服务，那么应该相应的删除这一行: 一rh-firewall-1-input M状态–状态新米的TCP -p tcp–--dport 80 -j ACCEPT 全部修改完之后重启iptables: 重启防火墙 你可以验证一下是否规则都已经生效:iptables -L 这样，我们就完成了CentOS防火墙的设置修改。