iptables selinux is CentOS 6.5 and two built-in firewall, powerful, complex configuration, the novice very unfriendly.
Sometimes, the configuration file is correct, but the service can not start, mostly because they were intercepted by two firewalls.
The proposed closure beginner Linux iptables and selinux, then turn to be proficient.
1. Turn off iptables
>>> View 1.1 iptables status
[Root @ ~] #: /etc/init.d/iptables status # iptables status View
Form: filter # Running
Chain the INPUT (Policy ACCEPT)
NUM target Prot opt Source Where do you want
1 ACCEPT All - The RELATED 0.0.0.0/0 0.0.0.0/0 State, the ESTABLISHED
...
Chain FORWARD (policy ACCEPT)
num target prot opt source destination
1 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
>>> 1.2 temporary closure iptables, after a system reboot, iptables automatically open again
[Root @ ~] #: /etc/init.d/iptables stop # temporarily shut down, restart failure
iptables: the chain to policy ACCEPT: filter [OK]
iptables: Clear firewall rules: [OK]
iptables: being unloaded: [OK]
[root @ ~] #: /etc/init.d/iptables status # again to see
iptables: not running a firewall.
>>> 1.3 permanently closed iptables, to take effect after a system reboot.
[Root @ ~] #: chkconfig iptables off # permanent closure, effective after reboot.
[Root @ ~] #: reboot # reboot
[root @ ~] #: /etc/init.d/iptables Status
iptables: not running a firewall. # Reboot does not automatically turn on, indicating that it has permanently closed
To re-open iptables, use chkconfig iptables on, reboot the system.
2. Turn off selinux
>>> 2.1 after temporary closure selinux, system restart, selinux automatically turned on again
[Root @ ~] #: / usr / sbin / sestatus # View selinux state
SELinux status: enabled # 可用
SELinuxfs mount: /selinux
Current mode: enforcing
Mode from config file: enforcing
Policy version: 24
Policy from config file: targeted
[Root @ ~] #: setenforce 0 # temporarily shut down, restart failure
[the root @ ~] #: / usr / sbin / sestatus
the SELinux Status: Enabled # shown here is "available", but is not available
...
>>> 2.2 take effect permanently closed selinux, reboot the system
[Root @ ~] #: vi / etc / selinux / config # modify the configuration
1
2 # This file controls the state of SELinux on the system.
3 # SELINUX= can take one of these three values:
4 # enforcing - SELinux security policy is enforced.
5 # permissive - SELinux prints warnings instead of enforcing.
6 # disabled - No SELinux policy is loaded.
7 SELINUX=disabled # # 改 enforcing 为 disabled(不可用)
8 # SELINUXTYPE= can take one of these two values:
9 # targeted - Targeted processes are protected,
10 # mls - Multi Level Security protection.
11 SELINUXTYPE=targeted
# Save and exit.
[Root @ ~] #: init 6 # reboot
[root@ ~]#: /usr/sbin/sestatus
SELinux status: disabled # 不可用,说明已关闭
如需再次开启 selinux, 修改配置文件, 改 SELINUX=disabled 为 SELINUX=enforcing,重启系统即可.