麒麟系统Kylin Linux 关闭防火墙
<p>防火墙管理工具 (通常是 <strong>firewalld</strong> 或 <strong>iptables</strong>)</p><h3><strong>1. 检查当前防火墙服务</strong></h3>
<p class="ds-markdown-paragraph">首先确认系统使用的是哪种防火墙:</p>
<div class="cnblogs_code">
<pre>sudo systemctl status firewalld<span style="color: rgba(0, 128, 0, 1)">#</span><span style="color: rgba(0, 128, 0, 1)"> 检查 firewalld 状态</span>
sudo systemctl status iptables <span style="color: rgba(0, 128, 0, 1)">#</span><span style="color: rgba(0, 128, 0, 1)"> 检查 iptables 状态</span></pre>
</div>
<p>如果 firewalld 是 active (running),则使用 方法 2。</p>
<p>如果 iptables 是 active,则使用 方法 3。</p>
<p><img src="https://img2024.cnblogs.com/blog/109594/202505/109594-20250513100905381-539599512.png" alt="" width="572" height="277" loading="lazy"></p>
<h3><strong>2. 关闭 firewalld(默认推荐)</strong></h3>
<h4><strong>临时关闭(重启后恢复)</strong></h4>
<div class="cnblogs_code">
<pre>sudo systemctl stop firewalld <span style="color: rgba(0, 128, 0, 1)">#</span><span style="color: rgba(0, 128, 0, 1)"> 停止防火墙</span>
sudo systemctl disable firewalld <span style="color: rgba(0, 128, 0, 1)">#</span><span style="color: rgba(0, 128, 0, 1)"> 禁止开机启动</span></pre>
</div>
<h4><strong>验证状态</strong></h4>
<div class="cnblogs_code">
<pre>sudo systemctl status firewalld <span style="color: rgba(0, 128, 0, 1)">#</span><span style="color: rgba(0, 128, 0, 1)"> 应显示 "inactive (dead)"</span>
sudo firewall-cmd --state <span style="color: rgba(0, 128, 0, 1)">#</span><span style="color: rgba(0, 128, 0, 1)"> 应返回 "not running"</span></pre>
</div>
<p><img src="https://img2024.cnblogs.com/blog/109594/202505/109594-20250513101538127-260898021.png" alt="" width="591" height="233" loading="lazy"></p>
<h3><strong>3. </strong><strong><strong>恢复防火墙</strong></strong></h3>
<h3> </h3>
<div class="cnblogs_code">
<pre>sudo systemctl start firewalld <span style="color: rgba(0, 128, 0, 1)">#</span><span style="color: rgba(0, 128, 0, 1)"> 重新启动</span>
sudo systemctl enable firewalld <span style="color: rgba(0, 128, 0, 1)">#</span><span style="color: rgba(0, 128, 0, 1)"> 设置开机启动</span></pre>
</div>
<p> </p>
<h3><strong>4. 关闭 iptables(传统方法)</strong></h3>
<p class="ds-markdown-paragraph">如果系统使用 <code>iptables</code>,运行以下命令:</p>
<h4><strong>临时清空规则</strong></h4>
<div class="cnblogs_code">
<pre>sudo iptables -F <span style="color: rgba(0, 128, 0, 1)">#</span><span style="color: rgba(0, 128, 0, 1)"> 清空所有规则</span>
sudo iptables -X <span style="color: rgba(0, 128, 0, 1)">#</span><span style="color: rgba(0, 128, 0, 1)"> 删除自定义链</span>
sudo iptables -Z <span style="color: rgba(0, 128, 0, 1)">#</span><span style="color: rgba(0, 128, 0, 1)"> 计数器归零</span></pre>
</div>
<h4><strong>永久关闭</strong></h4>
<div class="cnblogs_code">
<pre>sudo systemctl stop iptables <span style="color: rgba(0, 128, 0, 1)">#</span><span style="color: rgba(0, 128, 0, 1)"> 停止服务</span>
sudo systemctl disable iptables <span style="color: rgba(0, 128, 0, 1)">#</span><span style="color: rgba(0, 128, 0, 1)"> 禁用开机启动</span></pre>
</div>
<p> </p><br><br>
来源:https://www.cnblogs.com/hailexuexi/p/18873830
頁:
[1]