Linux系统关闭防火墙、selinux方法

2022-10-09 16:44:40

1、防火墙服务关闭

systemctl stop firewalld
systemctl disable firewalld

1.1 查看防火墙状态

systemctl status firewalld

[root@server ~]# systemctl status firewalld.service 
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
   Active: active (running) since Mon 2020-12-14 15:24:39 CST; 4s ago
     Docs: man:firewalld(1)
 Main PID: 1625 (firewalld)
   CGroup: /system.slice/firewalld.service
           └─1625 /usr/bin/python -Es /usr/sbin/firewalld --nofork -...

Dec 14 15:24:38 server.study.vv systemd[1]: Starting firewalld - dyn...
Dec 14 15:24:39 server.study.vv systemd[1]: Started firewalld - dyna...
Hint: Some lines were ellipsized, use -l to show in full.

1.2 临时关闭防火墙服务

systemctl stop firewalld
systemctl status firewalld    --- 操作完成确认

[root@server ~]# systemctl stop firewalld.service 
[root@server ~]# systemctl status firewalld.service 
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
   Active: inactive (dead)
     Docs: man:firewalld(1)

Dec 14 15:24:38 server.study.vv systemd[1]: Starting firewalld - dyn...
Dec 14 15:24:39 server.study.vv systemd[1]: Started firewalld - dyna...
Dec 14 15:26:43 server.study.vv systemd[1]: Stopping firewalld - dyn...
Dec 14 15:26:43 server.study.vv systemd[1]: Stopped firewalld - dyna...
Hint: Some lines were ellipsized, use -l to show in full.

1.3 永久关闭防火墙服务

systemctl disable firewalld

1.4 查看服务状态信息简便方法

systemctl is-active firewalld    --- 检查服务是否正常运行

[root@server ~]# systemctl is-active firewalld.service 
unknown

systemctl is-enabled firewalld    --- 检查确认服务是否开机运行
[root@server ~]# systemctl is-enabled firewalld.service 
disabled

2、selinux服务关闭

setenforce 0
sed -i.bak s/'^SELINUX=enforcing$'/'SELINUX=disabled'/g /etc/selinux/config

2.1 查看selinux服务状态

getenforce    --- 确认selinux服务是否开启或是关闭

[root@server ~]# getenforce 
Enforcing

2.2 临时关闭selinux服务

setenforce [1|0]    --- 1表示临时开启Enforcing，0表示临时关闭Permissive
getenforce    --- 关闭后确认

[root@server ~]# setenforce 0
[root@server ~]# getenforce 
Permissive

2.3 永久关闭selinux服务

修改/etc/selinux/config文件

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.    --- 服务处于正常开启状态
#     permissive - SELinux prints warnings instead of enforcing.    --- 服务被临时关闭了
#     disabled - No SELinux policy is loaded.    --- 服务被永久关闭
SELINUX=enforcing

第一步：修改配置文件

[root@server ~]# vi /etc/selinux/config 
SELINUX=disabled

第二步：系统重启生效配置

[root@server ~]# reboot

第三步：确认服务状态

[root@server ~]# getenforce 
Disabled

1、防火墙服务关闭

1.1 查看防火墙状态

1.2 临时关闭防火墙服务

1.3 永久关闭防火墙服务

1.4 查看服务状态信息简便方法

2、selinux服务关闭

2.1 查看selinux服务状态

2.2 临时关闭selinux服务

2.3 永久关闭selinux服务

第一步：修改配置文件

第二步：系统重启生效配置

第三步：确认服务状态

相关文章