SAP BI4.2 SP5 on RHEL7.4 Firewall Config


# After installing the services, start and configure the firewall
First check which ports the key services are listening on
netstat -apn
netstat -apn | grep mysql
netstat -apn | grep svn
netstat -apn | grep 8080
netstat -apn | grep 9090
……

# Enable and start the firewalld service
systemctl enable firewalld.service
systemctl start firewalld.service

# List the current startup items
ll /etc/rc.d/rc3.d

# Allow the required services
# firewalld only accepts names that have a service definition; any other name
# returns INVALID_SERVICE, and that service is reached through the port rules instead
firewall-cmd --permanent --add-service=network
firewall-cmd --permanent --add-service=mysql
firewall-cmd --permanent --add-service=nginx
firewall-cmd --permanent --add-service=php-fpm
firewall-cmd --permanent --add-service=SAPBOBJEnterpriseXI40

# Open the standard ports of the services
firewall-cmd --zone=public --add-port=22/tcp --permanent
firewall-cmd --zone=public --add-port=58/tcp --permanent
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --zone=public --add-port=323/tcp --permanent
firewall-cmd --zone=public --add-port=8080/tcp --permanent
firewall-cmd --zone=public --add-port=9090/tcp --permanent
firewall-cmd --zone=public --add-port=8443/tcp --permanent
firewall-cmd --zone=public --add-port=8005/tcp --permanent
firewall-cmd --zone=public --add-port=6400/tcp --permanent
firewall-cmd --zone=public --add-port=6410/tcp --permanent
firewall-cmd --zone=public --add-port=6405/tcp --permanent
firewall-cmd --zone=public --add-port=2638/tcp --permanent
firewall-cmd --zone=public --add-port=5801/tcp --permanent
firewall-cmd --zone=public --add-port=5901/tcp --permanent
firewall-cmd --zone=public --add-port=6001/tcp --permanent
firewall-cmd --zone=public --add-port=3690/tcp --permanent
firewall-cmd --zone=public --add-port=3306/tcp --permanent
firewall-cmd --reload
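
A check to run after the reload, given as an added example that is not part of the original post: it compares the ports opened with --add-port against the listeners that are reachable from outside, and prints every opened port with no such listener. The function names and the sample data are constructed for illustration; listeners bound only to loopback are treated as not reachable.

```shell
#!/bin/sh
# Added example: list TCP ports opened with --add-port that have no
# externally reachable listener. Names and sample data are constructed.

# Read `ss -tln` output on stdin; print listening ports, skipping loopback-only sockets.
listening_tcp_ports() {
    awk '$1 == "LISTEN" && $4 !~ /^(127\.|\[::1\]|::1:)/ {
             n = split($4, a, ":"); print a[n] }' | sort -un
}

# Read `firewall-cmd --list-ports` output on stdin ("22/tcp 80/tcp ...").
# Port ranges such as 5900-5910/tcp are skipped.
opened_tcp_ports() {
    tr ' ' '\n' | awk -F/ '$2 == "tcp" && $1 ~ /^[0-9]+$/ { print $1 }' | sort -un
}

# $1 = ss output, $2 = firewall-cmd port list; prints opened ports without a listener.
unused_open_ports() {
    listeners=$(printf '%s\n' "$1" | listening_tcp_ports)
    printf '%s\n' "$2" | opened_tcp_ports | while read -r port; do
        printf '%s\n' "$listeners" | grep -qx "$port" || echo "$port"
    done
}

# Constructed sample: four listeners (one loopback-only), six opened ports.
SAMPLE_SS='State   Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN  0      128    *:22               *:*
LISTEN  0      100    :::8080            :::*
LISTEN  0      50     127.0.0.1:3306     *:*
LISTEN  0      128    [::]:6400          [::]:*'
SAMPLE_PORTS='22/tcp 58/tcp 8080/tcp 6400/tcp 3306/tcp 5901/tcp'

if command -v firewall-cmd >/dev/null 2>&1 && command -v ss >/dev/null 2>&1; then
    # Live check against the public zone used in the post
    unused_open_ports "$(ss -tln)" "$(firewall-cmd --zone=public --list-ports)"
else
    # Offline run on the constructed sample: prints 58, 3306 and 5901
    unused_open_ports "$SAMPLE_SS" "$SAMPLE_PORTS"
fi
```

Ports allowed through --add-service do not appear in --list-ports, so this check covers only the --add-port rules.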


Comments: 4 (visitors: 4, author: 0)

    • ag

      The BO thick client cannot connect to the BO server; the cause is the firewall blocking it. You can temporarily turn off the firewall.
      systemctl stop firewalld

        • ag

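          @ag Because the ports the thick client and the server use to communicate do not seem to be fixed, it is hard to set a policy on the server.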

        • ag

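          If you installed the English version of the operating system, remember to install Chinese fonts, otherwise BO will show garbled characters in some places: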
          https://www.gavindong.com/computer/centos7-rhel7-windows-fonts.html

          • ag

            If you get Error: INVALID_SERVICE: ‘nginx’ not among existing services, you can ignore it; opening the port works as well.
            For details, see:
            The firewalld does not use the information from /etc/services to configure the firewall. firewalld has its own definition of the services which are based in the /etc/firewalld/services directory. You also can write your own definitions and place them in /etc/firewalld/services.

            https://ask.fedoraproject.org/en/question/107382/f25-invalid_service-submission-not-among-existing-services/