31
Kloxo-MR Technical Helps / Re: Centos 6.8 to 7x
« on: 2017-06-21, 17:53:40 »
If I understand what you say Kloxo 7 is compatible with centos 7x, but better if you use 6.8?
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
]# yum list firewall*
Loaded plugins: fastestmirror, presto, priorities, protectbase, replace
Loading mirror speeds from cached hostfile
mratwork-epel/metalink | 21 kB 00:00
* base: ftp.freepark.org
* extras: ftp.freepark.org
* mratwork-epel: mirror.atomki.mta.hu
* mratwork-ius-archive: mirror.amsiohosting.net
* mratwork-ius-stable: mirror.amsiohosting.net
* mratwork-release-neutral-noarch: rpms.mratwork.com
* mratwork-release-version-arch: rpms.mratwork.com
* mratwork-webtatic: uk.repo.webtatic.com
* updates: ftp.freepark.org
base | 3.7 kB 00:00
extras | 3.4 kB 00:00
mratwork-epel | 4.3 kB 00:00
mratwork-epel/primary_db | 5.9 MB 00:00
mratwork-google-mod-pagespeed | 951 B 00:00
mratwork-ius-archive | 2.4 kB 00:00
mratwork-ius-archive/primary_db | 3.3 MB 00:00
mratwork-ius-stable | 2.3 kB 00:00
mratwork-ius-stable/primary_db | 209 kB 00:00
mratwork-mariadb | 2.9 kB 00:00
mratwork-nginx | 2.9 kB 00:00
mratwork-nginx/primary_db | 68 kB 00:00
mratwork-nginx-stable | 2.9 kB 00:00
mratwork-release-neutral-noarch | 1.3 kB 00:00
mratwork-release-version-arch | 1.2 kB 00:00
mratwork-varnish-3.0 | 951 B 00:00
mratwork-webtatic | 3.6 kB 00:00
updates | 3.4 kB 00:00
0 packages excluded due to repository protections
Error: No matching Packages to list
which firewall
/usr/bin/which: no firewall in (/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/s bin:/usr/bin:/root/bin)
/etc/init.d/iptables stop
chkconfig iptables off
vi /etc/init.d/firewall
#!/bin/sh
# firewall
# chkconfig: 3 21 91
# description: Starts, stops iptables firewall
case "$1" in
start)
# Clear rules
iptables -t filter -F
iptables -t filter -X
echo - Clear rules : [OK]
# SSH In
iptables -t filter -A INPUT -p tcp --dport 22 -j ACCEPT
echo - SSH : [OK]
# Don't break established connections
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
echo - established connections : [OK]
# Block all connections by default
iptables -t filter -P INPUT DROP
iptables -t filter -P FORWARD DROP
iptables -t filter -P OUTPUT DROP
echo - Block all connections : [OK]
# SYN-Flood Protection
iptables -N syn-flood
iptables -A syn-flood -m limit --limit 10/second --limit-burst 50 -j RETURN
iptables -A syn-flood -j LOG --log-prefix "SYN FLOOD: "
iptables -A syn-flood -j DROP
echo - SYN-Flood Protection : [OK]
# Loopback
iptables -t filter -A INPUT -i lo -j ACCEPT
iptables -t filter -A OUTPUT -o lo -j ACCEPT
echo - Loopback : [OK]
# ICMP (Ping)
iptables -t filter -A INPUT -p icmp -j ACCEPT
iptables -t filter -A OUTPUT -p icmp -j ACCEPT
echo - PING : [OK]
# DNS In/Out
iptables -t filter -A OUTPUT -p tcp --dport 53 -j ACCEPT
iptables -t filter -A OUTPUT -p udp --dport 53 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 53 -j ACCEPT
iptables -t filter -A INPUT -p udp --dport 53 -j ACCEPT
echo - DNS : [OK]
# NTP Out
iptables -t filter -A OUTPUT -p udp --dport 123 -j ACCEPT
echo - NTP : [OK]
# WHOIS Out
iptables -t filter -A OUTPUT -p tcp --dport 43 -j ACCEPT
echo - WHOIS : [OK]
# FTP Out
iptables -t filter -A OUTPUT -p tcp --dport 20:21 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 45000:65000 -j ACCEPT
# FTP In
iptables -t filter -A INPUT -p tcp --dport 20:21 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 45000:65000 -j ACCEPT
iptables -t filter -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
echo - FTP : [OK]
# HTTP + HTTPS Out
iptables -t filter -A OUTPUT -p tcp --dport 80 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 443 -j ACCEPT
# HTTP + HTTPS In
iptables -t filter -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 443 -j ACCEPT
echo - HTTP/HTTPS : [OK]
# Mail SMTP:25
iptables -t filter -A INPUT -p tcp --dport 25 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 25 -j ACCEPT
echo - SMTP : [OK]
# Mail SMTP:465
iptables -t filter -A INPUT -p tcp --dport 465 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 465 -j ACCEPT
echo - SMTP : [OK]
# Mail SMTP:587
iptables -t filter -A INPUT -p tcp --dport 587 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 587 -j ACCEPT
echo - SMTP : [OK]
# Mail POP3:110
iptables -t filter -A INPUT -p tcp --dport 110 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 110 -j ACCEPT
echo - POP : [OK]
# Mail IMAP:143
iptables -t filter -A INPUT -p tcp --dport 143 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 143 -j ACCEPT
echo - IMAP : [OK]
# Kloxo
iptables -t filter -A INPUT -p tcp --dport 7777:7778 -j ACCEPT
iptables -t filter -A OUTPUT -p tcp --dport 7777:7778 -j ACCEPT
echo - Kloxo : [OK]
echo - Firewall [OK]
exit 0
;;
stop)
echo "Stopping Firewall... "
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -t filter -F
echo "Firewall Stopped!"
exit 0
;;
restart)
/etc/init.d/firewall stop
/etc/init.d/firewall start
;;
*)
echo "Usage: /etc/init.d/firewall {start|stop|restart}"
exit 1
;;
esac
chmod 700 /etc/init.d/firewall
chkconfig --add firewall
chkconfig --level 2345 firewall on
/etc/init.d/firewall start
/etc/init.d/firewall stop
/etc/init.d/firewall restart
..::
Monetize Your Website with ylliXmedia ::..
..:: Online Advertising that Sale Anything with ylliXmedia ::.. |
Page created in 0.05 seconds with 17 queries.