SLES 12 sp2开启SuSEfirewall2 防火墙后,放行VRRP协议 (用于keepalived搭建高可用规则)
centos 6下面修改防火墙
vi /etc/sysconfig/iptables 增加这个
-A INPUT -p 112 -d 224.0.0.0/32 -j ACCEPT #-p 112指定协议为112,也可-p vrrp即vrrp,keepalived组播地址是224.0.0.18
centos7下面改防火墙
firewall-cmd --direct --permanent --add-rule ipv4 filter INPUT 0 --in-interface enp4s0 --destination 224.0.0.18 --protocol vrrp -j ACCEPT
firewall-cmd --reload
suse下面修改防火墙
vi /etc/sysconfig/SuSEfirewall2
将下面这行的注释去掉
FW_CUSTOMRULES="/etc/sysconfig/scripts/SuSEfirewall2-custom"
并将下面这行注释掉
FW_CUSTOMRULES=""
然后
vi /etc/sysconfig/scripts/SuSEfirewall2-custom
fw_custom_before_port_handling() {
# these rules will be loaded after the anti-spoofing and icmp handling
# and after the input has been redirected to the input_XXX and
# forward_XXX chains and some basic chain-specific anti-circumvention
# rules have been set,
# but before any IP protocol or TCP/UDP port allow/protection rules
# will be set.
# You can use this hook to allow/deny certain IP protocols or TCP/UDP
# ports before the SuSEfirewall2 generated rules are hit.
#添加下面这行
iptables -A INPUT -p vrrp -j ACCEPT -d 224.0.0.18
true
}
http://www.kikikoo.com/uid-20794884-id-5704461.html
谢谢谷歌,谢谢上面这位大神~
参考: https://docs.oracle.com/cd/E37670_01/E41138/html/section_ksr_psb_nr.html
最新文章
- css flex布局
- mysql 查询数据库表结构
- Oracle日期语言修改
- 正在使用MJRefresh & MJExtension的App
- 【UVA 1586】Ancient Cipher
- 手机开机画面制作工具(LogoBuilder)
- python一些技巧
- win7 vs2010 安装cocos2d-x
- 64位平台C/C++开发注意事项(转载)
- 【转】mysql函数
- Swift 学习笔记 (三) 之循环引用浅析
- Python【第二课】 字符串,列表,字典,集合,文件操作
- 在vue项目中引入jquery
- 使用 git clone 的时候出现 fatal: Unable to find remote helper for 'https' 解决办法
- 读《SQL优化核心思想》:你不知道的优化技巧
- net.sf.json.JSONException: 'object' is an array. Use JSONArray instead
- python with 语句妙用
- jdbc一次性采集mysql和oracle的海量数据,5000W+为例
- BeanUtils简化数据封装
- 如何用手机访问电脑上的html文件