修复MySQL漏洞防火墙策略(CentOS7)

开启防火墙后,确认ssh端口是否开放(firewall-cmd --query-port=22/tcp),若未开放则开放。(firewall-cmd --permanent --add-port=22/tcp``firewall-cmd --reload

  1. 开启防火墙
    service firewalld start

  2. 查看3306端口是否开放
    firewall-cmd --query-port=3306/tcp

  3. 关闭3306端口
    firewall-cmd --permanent --remove-port=3306/tcp
    firewall-cmd --reload

  4. 设置特定IP可以访问3306端口
    firewall-cmd --permanent --add-rich-rule="rule family=ipv4 source address=x.x.x.x port port=3306 protocol=tcp accept"
    firewall-cmd --reload

posted on 2021-06-28 22:51  Simle  阅读(255)  评论(0编辑  收藏  举报

Powered by: 博客园 Copyright © 2024 Simle
Powered by .NET 8.0 on Kubernetes