SAP BI4.2 SP5 on RHEL7.4 Firewall Config

#After installing the services, start and configure the firewall
First check which ports the key services are listening on
netstat -apn
netstat -apn | grep mysql
netstat -apn | grep svn
netstat -apn | grep 8080
netstat -apn | grep 9090
……

#Start the firewalld service
systemctl enable firewalld.service
systemctl start firewalld.service

#List the current startup items
ll /etc/rc.d/rc3.d

#Open the required services
firewall-cmd --permanent --add-service=network
firewall-cmd --permanent --add-service=mysql
firewall-cmd --permanent --add-service=nginx
firewall-cmd --permanent --add-service=php-fpm
firewall-cmd --permanent --add-service=mysql
firewall-cmd --permanent --add-service=SAPBOBJEnterpriseXI40

#Open the services' standard ports
firewall-cmd --zone=public --add-port=22/tcp --permanent
firewall-cmd --zone=public --add-port=58/tcp --permanent
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --zone=public --add-port=323/tcp --permanent
firewall-cmd --zone=public --add-port=8080/tcp --permanent
firewall-cmd --zone=public --add-port=9090/tcp --permanent
firewall-cmd --zone=public --add-port=8443/tcp --permanent
firewall-cmd --zone=public --add-port=8005/tcp --permanent
firewall-cmd --zone=public --add-port=6400/tcp --permanent
firewall-cmd --zone=public --add-port=6410/tcp --permanent
firewall-cmd --zone=public --add-port=6405/tcp --permanent
firewall-cmd --zone=public --add-port=2638/tcp --permanent
firewall-cmd --zone=public --add-port=5801/tcp --permanent
firewall-cmd --zone=public --add-port=5901/tcp --permanent
firewall-cmd --zone=public --add-port=6001/tcp --permanent
firewall-cmd --zone=public --add-port=3690/tcp --permanent
firewall-cmd --zone=public --add-port=3306/tcp --permanent
firewall-cmd --reload
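
The script below is an added example, not part of the original post: it cross-checks the TCP listeners reported by netstat against the ports opened in firewalld, flagging opened ports with no listener or only a loopback listener, and listeners that were never opened. The netstat output and port list are constructed samples, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: compare TCP listeners with the ports opened in firewalld.
# Both samples are constructed. On a live host use the output of
#   netstat -apn   and   firewall-cmd --zone=public --list-ports
SAMPLE_NETSTAT='Proto Recv-Q Send-Q Local Address    Foreign Address  State
tcp        0      0 0.0.0.0:22       0.0.0.0:*        LISTEN
tcp        0      0 127.0.0.1:3306   0.0.0.0:*        LISTEN
tcp        0      0 0.0.0.0:6400     0.0.0.0:*        LISTEN
tcp6       0      0 :::8080          :::*             LISTEN
tcp6       0      0 :::6410          :::*             LISTEN'
SAMPLE_FW_PORTS='22/tcp 8080/tcp 3306/tcp 6400/tcp 5901/tcp 6001/tcp'

# Read netstat text on stdin; print "<port> <any|loopback>" per TCP listener.
listening_ports() {
    awk '$1 ~ /^tcp/ && $6 == "LISTEN" {
        n = split($4, a, ":"); port = a[n]
        addr = substr($4, 1, length($4) - length(port) - 1)
        scope = (addr ~ /^127\./ || addr == "::1") ? "loopback" : "any"
        # A port reachable on any interface outranks a loopback-only bind.
        if (scope == "any" || !(port in seen)) seen[port] = scope
    } END { for (p in seen) print p, seen[p] }' | sort -n
}

# $1 = netstat text, $2 = space-separated firewalld port list.
audit() {
    listeners=$(printf '%s\n' "$1" | listening_ports)
    fw=" $(echo $2) "            # collapse whitespace for matching below
    for entry in $fw; do
        case $entry in */tcp) port=${entry%/tcp} ;; *) continue ;; esac
        scope=$(printf '%s\n' "$listeners" |
                awk -v p="$port" '$1 == p { print $2 }')
        case $scope in
            any) ;;                                   # rule is in use
            loopback) echo "LOOPBACK-ONLY $port" ;;   # rule exposes nothing
            *) echo "NO-LISTENER $port" ;;            # rule has no service
        esac
    done
    printf '%s\n' "$listeners" | while read -r port scope; do
        [ "$scope" = any ] || continue
        case $fw in *" $port/tcp "*) ;; *) echo "NOT-OPENED $port" ;; esac
    done
}

audit "$SAMPLE_NETSTAT" "$SAMPLE_FW_PORTS"
```

Port ranges such as `6400-6410/tcp` are not expanded and would be reported as a single entry with no listener.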

Author: GavinDong

Copyright: GavinDong's blog

Article link: https://gavindong.com/1952.html

All rights reserved. Reposts must credit the author and the original source with a link and include this notice.

Comments (4)

  • ag 2018.03.14 18:35

    The BO thick client cannot connect to the BO server because the firewall is blocking it; you can temporarily turn off the firewall.
    systemctl stop firewalld

    • ag 2018.03.14 18:35

      @ag Because the ports the thick client and the server use to communicate do not seem to be fixed, it is hard to write a policy on the server.

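  • ag 2018.03.13 08:42

    If you installed the English version of the operating system, remember to install Chinese fonts, otherwise BO will show garbled characters in some places: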
    https://gavindong.com/computer/centos7-rhel7-windows-fonts.html

  • ag 2018.01.12 11:46

    If you get Error: INVALID_SERVICE: ‘nginx’ not among existing services, you can ignore it; opening the ports works too.
    For details, see:
    The firewalld does not use the information from /etc/services to configure the firewall. firewalld has its own definition of the services which are based in the /etc/firewalld/services directory. You also can write your own definitions and place them in /etc/firewalld/services.

    https://ask.fedoraproject.org/en/question/107382/f25-invalid_service-submission-not-among-existing-services/