我在CentOS机器上用iptables打开端口25是个问题。 我用'nmap'和'telnet'检查了连接,但都失败了。
我做了以下的尝试使这项工作:
iptables -I INPUT -p tcp --dport 25 -j ACCEPT /sbin/service iptables save /sbin/service iptables restart 输出:
# iptables -L -n Chain INPUT (policy DROP) target prot opt source destination ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:32315 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8443 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:465 Chain FORWARD (policy DROP) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination # nmap localhost Starting Nmap 5.51 ( http://nmap.org ) at 2014-02-08 01:46 CET Nmap scan report for localhost (127.0.0.1) Host is up (0.000015s latency). Not shown: 996 closed ports PORT STATE SERVICE 80/tcp open http 443/tcp open https 2222/tcp open EtherNet/IP-1 8443/tcp open https-alt Nmap done: 1 IP address (1 host up) scanned in 0.16 seconds
iptables规则是好的,但根据nmap的输出,我不认为你有任何服务运行在该端口。
通过运行以下命令来确认:
netstat -nltp | grep 25
如果输出在该端口中没有显示任何内容,请确保启动相应的服务。