我有一个CentOS 7服务器,我打开了SNMP连接的端口.
即使我可以在这里看到端口打开:
[matias@Centos_7_VM ~]$ sudo firewall-cmd --list-all [sudo] password for matias: public (active) target: default icmp-block-inversion: no interfaces: ens33 sources: services: ssh dhcpv6-client ports: 80/tcp 10050/tcp 50000/tcp 161/tcp 160/tcp protocols: masquerade: no forward-ports: source-ports: icmp-blocks: rich rules:
当我试图从外面击中这个端口时,我总是得到关闭它.即使是nmap也同意这一点:
Starting Nmap 7.01 ( https://nmap.org ) at 2018-08-01 14:52 -03 Nmap scan report for Centos_7_VM (192.168.43.216) Host is up (0.52s latency). Not shown: 996 filtered ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 161/tcp closed snmp 50000/tcp closed ibm-db2
我还能做些什么来打开这些端口? (是的,当我最初打开端口时,我重新加载了firewalld.)
SNMP是UDP协议,而不是TCP协议.所以你需要打开UDP端口,即161 / udp.
更好的是,只需指定服务名称,firewalld将负责处理.
firewall-cmd <options> --add-service=snmp