{"id":311,"date":"2021-02-14T15:53:01","date_gmt":"2021-02-14T12:53:01","guid":{"rendered":"https:\/\/ittx.ru\/note\/?p=311"},"modified":"2021-03-02T20:42:19","modified_gmt":"2021-03-02T17:42:19","slug":"firewall_na_centos_7","status":"publish","type":"post","link":"https:\/\/ittx.ru\/note\/2021\/02\/14\/firewall_na_centos_7\/","title":{"rendered":"Firewall \u043d\u0430 CentOS 7 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435"},"content":{"rendered":"\n<p>\u0411\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e IT \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432 \u0432 \u0442\u043e\u0439 \u0438\u043b\u0438 \u0438\u043d\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0442\u0430\u043b\u043a\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u0441 Firewall, \u0431\u0443\u0434\u044c \u0442\u043e \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 \u0434\u043e\u043c\u0430\u0448\u043d\u0435\u0433\u043e \u0440\u043e\u0443\u0442\u0435\u0440\u0430 \u0438\u043b\u0438 \u0442\u043e\u043d\u043a\u0438\u0439 \u0442\u044e\u043d\u0438\u043d\u0433, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, VMWare EDGE NSX-V \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b. \u0421\u0435\u0433\u043e\u0434\u043d\u044f \u0440\u0430\u0441\u0441\u043a\u0430\u0436\u0443, \u043a\u0430\u043a \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c Firewall \u043d\u0430 CentOS 7.<\/p>\n\n\n\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_16 counter-hierarchy counter-decimal ez-toc-transparent\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\">\u0421\u043e\u0434\u0435\u0440\u0436\u0430\u043d\u0438\u0435<\/p>\n<span class=\"ez-toc-title-toggle\"><a class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" style=\"display: none;\"><i class=\"ez-toc-glyphicon ez-toc-icon-toggle\"><\/i><\/a><\/span><\/div>\n<nav><ul class=\"ez-toc-list ez-toc-list-level-1\"><li class=\"ez-toc-page-1 ez-toc-heading-level-4\"><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/ittx.ru\/note\/2021\/02\/14\/firewall_na_centos_7\/#%D0%92%D0%B2%D0%BE%D0%B4%D0%BD%D0%B0%D1%8F_%D1%87%D0%B0%D1%81%D1%82%D1%8C_%D0%BF%D1%80%D0%BE_Firewall\" title=\"\u0412\u0432\u043e\u0434\u043d\u0430\u044f \u0447\u0430\u0441\u0442\u044c \u043f\u0440\u043e Firewall\">\u0412\u0432\u043e\u0434\u043d\u0430\u044f \u0447\u0430\u0441\u0442\u044c \u043f\u0440\u043e Firewall<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-4\"><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/ittx.ru\/note\/2021\/02\/14\/firewall_na_centos_7\/#%D0%9E%D0%BF%D1%86%D0%B8%D0%B8_%D0%B8_%D0%BA%D0%BB%D1%8E%D1%87%D0%B8\" title=\"\u041e\u043f\u0446\u0438\u0438 \u0438 \u043a\u043b\u044e\u0447\u0438\">\u041e\u043f\u0446\u0438\u0438 \u0438 \u043a\u043b\u044e\u0447\u0438<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-4\"><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/ittx.ru\/note\/2021\/02\/14\/firewall_na_centos_7\/#%D0%9F%D1%80%D0%B0%D0%BA%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%BE%D0%B5_%D0%BF%D1%80%D0%B8%D0%BC%D0%B5%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5_Firewall_%D0%BD%D0%B0_CentOS_7\" title=\"\u041f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435 Firewall \u043d\u0430 CentOS 7\">\u041f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435 Firewall \u043d\u0430 CentOS 7<\/a><ul class=\"ez-toc-list-level-5\"><li class=\"ez-toc-heading-level-5\"><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/ittx.ru\/note\/2021\/02\/14\/firewall_na_centos_7\/#%D0%9E%D0%BA%D1%80%D1%83%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5\" title=\"\u041e\u043a\u0440\u0443\u0436\u0435\u043d\u0438\u0435\">\u041e\u043a\u0440\u0443\u0436\u0435\u043d\u0438\u0435<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-5\"><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/ittx.ru\/note\/2021\/02\/14\/firewall_na_centos_7\/#%D0%97%D0%B0%D0%B4%D0%B0%D1%87%D0%B8\" title=\"\u0417\u0430\u0434\u0430\u0447\u0438\">\u0417\u0430\u0434\u0430\u0447\u0438<\/a><ul class=\"ez-toc-list-level-6\"><li class=\"ez-toc-heading-level-6\"><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/ittx.ru\/note\/2021\/02\/14\/firewall_na_centos_7\/#%D0%9E%D1%82%D0%BA%D1%80%D1%8B%D1%82%D1%8C_%D0%BF%D0%BE%D1%80%D1%82_%D0%B4%D0%BB%D1%8F_%D0%B2%D0%BD%D0%B5%D1%88%D0%BD%D0%B8%D1%85_%D0%BF%D0%BE%D0%B4%D0%BA%D0%BB%D1%8E%D1%87%D0%B5%D0%BD%D0%B8%D0%B9\" title=\"\u041e\u0442\u043a\u0440\u044b\u0442\u044c \u043f\u043e\u0440\u0442 \u0434\u043b\u044f \u0432\u043d\u0435\u0448\u043d\u0438\u0445 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0439\">\u041e\u0442\u043a\u0440\u044b\u0442\u044c \u043f\u043e\u0440\u0442 \u0434\u043b\u044f \u0432\u043d\u0435\u0448\u043d\u0438\u0445 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0439<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-6\"><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/ittx.ru\/note\/2021\/02\/14\/firewall_na_centos_7\/#%D0%A0%D0%B0%D0%B7%D1%80%D0%B5%D1%88%D0%B8%D1%82%D1%8C_%D1%85%D0%BE%D0%B6%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5_%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%D0%B0_%D0%BC%D0%B5%D0%B6%D0%B4%D1%83_%D0%B8%D0%BD%D1%84%D1%80%D0%B0%D1%81%D1%82%D1%80%D1%83%D0%BA%D1%82%D1%83%D1%80%D0%BD%D0%BE%D0%B9_%D1%81%D0%B5%D1%82%D1%8C%D1%8E_%D0%B8_%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%D0%BD%D0%BE%D0%B9\" title=\"\u0420\u0430\u0437\u0440\u0435\u0448\u0438\u0442\u044c \u0445\u043e\u0436\u0434\u0435\u043d\u0438\u0435 \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u043c\u0435\u0436\u0434\u0443 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043d\u043e\u0439 \u0441\u0435\u0442\u044c\u044e \u0438 \u043f\u0440\u043e\u0435\u043a\u0442\u043d\u043e\u0439\">\u0420\u0430\u0437\u0440\u0435\u0448\u0438\u0442\u044c \u0445\u043e\u0436\u0434\u0435\u043d\u0438\u0435 \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u043c\u0435\u0436\u0434\u0443 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043d\u043e\u0439 \u0441\u0435\u0442\u044c\u044e \u0438 \u043f\u0440\u043e\u0435\u043a\u0442\u043d\u043e\u0439<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-6\"><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/ittx.ru\/note\/2021\/02\/14\/firewall_na_centos_7\/#%D0%A0%D0%B0%D0%B7%D1%80%D0%B5%D1%88%D0%B8%D1%82%D1%8C_%D0%B8%D0%BD%D1%84%D1%80%D0%B0%D1%81%D1%82%D1%80%D1%83%D0%BA%D1%82%D1%83%D1%80%D0%BD%D0%BE%D0%B9_%D0%B8_%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%D0%BD%D0%BE%D0%B9_%D1%81%D0%B5%D1%82%D1%8F%D0%BC_%D0%B2%D1%8B%D1%85%D0%BE%D0%B4%D0%B8%D1%82%D1%8C_%D0%B2_%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82\" title=\"\u0420\u0430\u0437\u0440\u0435\u0448\u0438\u0442\u044c \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043d\u043e\u0439 \u0438 \u043f\u0440\u043e\u0435\u043a\u0442\u043d\u043e\u0439 \u0441\u0435\u0442\u044f\u043c \u0432\u044b\u0445\u043e\u0434\u0438\u0442\u044c \u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\">\u0420\u0430\u0437\u0440\u0435\u0448\u0438\u0442\u044c \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043d\u043e\u0439 \u0438 \u043f\u0440\u043e\u0435\u043a\u0442\u043d\u043e\u0439 \u0441\u0435\u0442\u044f\u043c \u0432\u044b\u0445\u043e\u0434\u0438\u0442\u044c \u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-6\"><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/ittx.ru\/note\/2021\/02\/14\/firewall_na_centos_7\/#%D0%BF%D0%BE_%D0%BF%D0%BE%D1%80%D1%82%D1%83_9090_%D0%B4%D0%BE%D0%BB%D0%B6%D0%B5%D0%BD_%D0%BE%D1%82%D0%BA%D1%80%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%D1%81%D1%8F_1921682113_%D0%BF%D0%BE_%D0%BF%D0%BE%D1%80%D1%82%D1%83_9090_%D1%82%D0%B5_%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81_Prometheus\" title=\"\u043f\u043e \u043f\u043e\u0440\u0442\u0443 9090 \u0434\u043e\u043b\u0436\u0435\u043d \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0442\u044c\u0441\u044f 192.168.211.3 \u043f\u043e \u043f\u043e\u0440\u0442\u0443 9090, \u0442.\u0435. \u0441\u0435\u0440\u0432\u0438\u0441 Prometheus\">\u043f\u043e \u043f\u043e\u0440\u0442\u0443 9090 \u0434\u043e\u043b\u0436\u0435\u043d \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0442\u044c\u0441\u044f 192.168.211.3 \u043f\u043e \u043f\u043e\u0440\u0442\u0443 9090, \u0442.\u0435. \u0441\u0435\u0440\u0432\u0438\u0441 Prometheus<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-6\"><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/ittx.ru\/note\/2021\/02\/14\/firewall_na_centos_7\/#%D1%87%D0%B5%D1%80%D0%B5%D0%B7_3000_%D0%B4%D0%BE%D0%BB%D0%B6%D0%B5%D0%BD_%D0%BE%D1%82%D0%BA%D1%80%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%D1%81%D1%8F_1921681115_%D0%BF%D0%BE_%D0%BF%D0%BE%D1%80%D1%82%D1%83_3000_%D1%82%D0%B5_%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81_Grafana\" title=\"\u0447\u0435\u0440\u0435\u0437 3000 \u0434\u043e\u043b\u0436\u0435\u043d \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0442\u044c\u0441\u044f 192.168.111.5 \u043f\u043e \u043f\u043e\u0440\u0442\u0443 3000, \u0442.\u0435. \u0441\u0435\u0440\u0432\u0438\u0441 Grafana\">\u0447\u0435\u0440\u0435\u0437 3000 \u0434\u043e\u043b\u0436\u0435\u043d \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0442\u044c\u0441\u044f 192.168.111.5 \u043f\u043e \u043f\u043e\u0440\u0442\u0443 3000, \u0442.\u0435. \u0441\u0435\u0440\u0432\u0438\u0441 Grafana<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-6\"><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/ittx.ru\/note\/2021\/02\/14\/firewall_na_centos_7\/#%D1%81_9126_%D0%B8_9127_%D0%B4%D0%BE%D0%BB%D0%B6%D0%BD%D1%8B_%D0%BE%D1%82%D0%BA%D1%80%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%D1%81%D1%8F_1921682113_%D0%B8_1921681115_%D1%81%D0%BE%D0%BE%D1%82%D0%B2%D0%B5%D1%82%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D0%BE_%D0%BF%D0%BE_%D0%BF%D0%BE%D1%80%D1%82%D1%83_9126_%D1%82%D0%B5_Exporter_telegraf\" title=\"\u0441 9126 \u0438 9127 \u0434\u043e\u043b\u0436\u043d\u044b \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0442\u044c\u0441\u044f 192.168.211.3 \u0438 192.168.111.5 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u043f\u043e \u043f\u043e\u0440\u0442\u0443 9126, \u0442.\u0435. Exporter telegraf\">\u0441 9126 \u0438 9127 \u0434\u043e\u043b\u0436\u043d\u044b \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0442\u044c\u0441\u044f 192.168.211.3 \u0438 192.168.111.5 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u043f\u043e \u043f\u043e\u0440\u0442\u0443 9126, \u0442.\u0435. Exporter telegraf<\/a><\/li><\/ul><\/li><\/ul><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-4\"><a class=\"ez-toc-link ez-toc-heading-12\" href=\"https:\/\/ittx.ru\/note\/2021\/02\/14\/firewall_na_centos_7\/#%D0%97%D0%B0%D0%BA%D0%BB%D1%8E%D1%87%D0%B5%D0%BD%D0%B8%D0%B5\" title=\"\u0417\u0430\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435\">\u0417\u0430\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435<\/a><\/li><\/ul><\/nav><\/div>\n<h4><span class=\"ez-toc-section\" id=\"%D0%92%D0%B2%D0%BE%D0%B4%D0%BD%D0%B0%D1%8F_%D1%87%D0%B0%D1%81%D1%82%D1%8C_%D0%BF%D1%80%D0%BE_Firewall\"><\/span>\u0412\u0432\u043e\u0434\u043d\u0430\u044f \u0447\u0430\u0441\u0442\u044c \u043f\u0440\u043e Firewall<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<p>\u0411\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0443, \u043d\u0430\u0432\u0435\u0440\u043d\u043e\u0435, \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, \u0447\u0442\u043e \u0434\u043b\u044f \u043f\u0435\u0440\u0435\u0434\u0430\u0447\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 \u043c\u0435\u0436\u0434\u0443 \u0443\u0437\u043b\u0430\u043c\u0438 \u0441\u0435\u0442\u0438 \u043d\u0430 \u0441\u0435\u0442\u0435\u0432\u043e\u043c \u0438 \u0442\u0440\u0430\u043d\u0441\u043f\u043e\u0440\u0442\u043d\u043e\u043c \u0443\u0440\u043e\u0432\u043d\u044f\u0445 \u043c\u043e\u0434\u0435\u043b\u0438 OSI, \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b \u0434\u0432\u0430 \u044d\u043b\u0435\u043c\u0435\u043d\u0442\u0430: IP \u0430\u0434\u0440\u0435\u0441 \u0438 \u043f\u043e\u0440\u0442. \u041d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0443\u0437\u0435\u043b \u043f\u043e\u0434 \u043d\u043e\u043c\u0435\u0440\u043e\u043c \u043e\u0434\u0438\u043d \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u043f\u0430\u043a\u0435\u0442 \u0443\u0437\u043b\u0443 \u043f\u043e\u0434 \u043d\u043e\u043c\u0435\u0440\u043e\u043c \u0434\u0432\u0430 \u043d\u0430 \u043f\u043e\u0440\u0442 22 \u0438 \u0436\u0434\u0435\u0442 \u043e\u0442\u0432\u0435\u0442. \u0415\u0441\u043b\u0438 \u043e\u0442\u0432\u0435\u0442 \u043f\u0440\u0438\u0448\u0435\u043b, \u0442\u043e \u0441\u0447\u0438\u0442\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u043f\u043e\u0440\u0442 \u043e\u0442\u043a\u0440\u044b\u0442 \u0434\u043b\u044f \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0439. <\/p>\n\n\n\n<p>\u0421 \u043e\u0434\u043d\u043e\u0439 \u0441\u0442\u043e\u0440\u043e\u043d\u044b \u044d\u0442\u043e \u0443\u0434\u043e\u0431\u043d\u043e, \u043d\u043e \u0441 \u0434\u0440\u0443\u0433\u043e\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0440\u043e\u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0443\u0437\u0435\u043b \u0438 \u043f\u043e\u043d\u044f\u0442\u044c, \u043a\u0430\u043a\u0438\u0435 \u043f\u043e\u0440\u0442\u044b \u043e\u0442\u043a\u0440\u044b\u0442\u044b. \u0411\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432 \u0438\u043c\u0435\u044e\u0442 \u0443\u0436\u0435 \u0443\u0441\u0442\u043e\u044f\u0432\u0448\u0438\u0435\u0441\u044f \u043f\u043e\u0440\u0442\u044b. \u041d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, 22 \u044d\u0442\u043e ssh, 21 &#8212; ftp, 80 &#8212; http. \u0422\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u043f\u043e\u0441\u043b\u0435 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043d\u044f\u0442\u044c \u043a\u0430\u043a\u043e\u0439 \u0441\u0435\u0440\u0432\u0438\u0441 \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0437\u0430 \u0442\u0435\u043c \u0438\u043b\u0438 \u0438\u043d\u044b\u043c \u043f\u043e\u0440\u0442\u043e\u043c. \u0417\u043d\u0430\u044f \u0441\u0435\u0440\u0432\u0438\u0441, \u0431\u0443\u0434\u0435\u0442 \u043f\u0440\u043e\u0449\u0435 \u043d\u0430\u0439\u0442\u0438 \u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442. <\/p>\n\n\n\n<p>\u0414\u043b\u044f \u0447\u0435\u0433\u043e \u0436\u0435 \u043d\u0443\u0436\u0435\u043d Firewall \u043d\u0430 CentOS, \u0434\u0430 \u0438 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e? <\/p>\n\n\n\n<p>\u0421\u0430\u043c\u043e\u0435 \u0433\u043b\u0430\u0432\u043d\u043e\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u043e \u0444\u0430\u0439\u0440\u0432\u043e\u043b\u0430: \u0437\u0430\u043f\u0440\u0435\u0449\u0435\u043d\u043e \u0432\u0441\u0435, \u0447\u0442\u043e \u043d\u0435 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u043e. \u0427\u0442\u043e \u044d\u0442\u043e \u0437\u043d\u0430\u0447\u0438\u0442? \u041f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043c, \u0447\u0442\u043e \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u043b\u0438 \u0441\u0435\u0440\u0432\u0435\u0440 \u0438\u0437 \u0448\u0430\u0431\u043b\u043e\u043d\u0430 \u0441 \u043f\u0440\u044f\u043c\u044b\u043c \u0432\u044b\u0445\u043e\u0434\u043e\u043c \u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442. \u0422\u043e\u0442, \u043a\u0442\u043e \u0433\u043e\u0442\u043e\u0432\u0438\u043b \u0448\u0430\u0431\u043b\u043e\u043d, \u043f\u043e\u0441\u0447\u0438\u0442\u0430\u043b, \u0447\u0442\u043e \u0441\u0435\u0440\u0432\u0435\u0440 \u0431\u0443\u0434\u0435\u0442 \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u044c\u0441\u044f \u0432 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0435\u0442\u0438 \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438\u0437\u0432\u043d\u0435 \u043a \u043d\u0435\u043c\u0443 \u043d\u0435 \u0431\u0443\u0434\u0435\u0442, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043e\u0441\u0442\u0430\u0432\u0438\u043b ssh \u043d\u0430 22 \u043f\u043e\u0440\u0442\u0443. \u0412 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435, \u0431\u0435\u0437 Firewall, ssh \u043f\u043e\u0440\u0442 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0438\u0437 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 \u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d.  \u0415\u0441\u043b\u0438 \u0436\u0435 \u0444\u0430\u0439\u0440\u0432\u043e\u043b \u0432\u043a\u043b\u044e\u0447\u0435\u043d, 22 \u043f\u043e\u0440\u0442 \u0438\u0437\u0432\u043d\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u043d\u0435 \u0431\u0443\u0434\u0435\u0442, \u043f\u043e\u043a\u0430 \u043d\u0435 \u0431\u0443\u0434\u0435\u0442 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u043e \u0440\u0430\u0437\u0440\u0435\u0448\u0430\u044e\u0449\u0435\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u043e.  \u0422\u043e \u0435\u0441\u0442\u044c, \u0443 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u043f\u043e\u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0435\u0449\u0435 \u043e\u0434\u043d\u0430 \u0442\u043e\u0447\u043a\u0430 \u0433\u0434\u0435 \u043d\u0443\u0436\u043d\u043e \u043f\u043e\u0434\u0443\u043c\u0430\u0442\u044c &#8212; \u0430 \u043c\u043e\u0436\u043d\u043e \u043b\u0438 \u0442\u0430\u043a \u0441\u0434\u0435\u043b\u0430\u0442\u044c? \u0412 \u0434\u0430\u043d\u043d\u043e\u043c \u043f\u0440\u0438\u043c\u0435\u0440\u0435 \u0441 ssh \u043f\u043e\u0440\u0442\u043e\u043c, \u0435\u0441\u043b\u0438 \u043d\u0435\u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u044f, \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043f\u0435\u0440\u0435\u043d\u0435\u0441\u0442\u0438 \u0435\u0433\u043e \u043d\u0430 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u0438\u0439 \u043f\u043e\u0440\u0442, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440 29865. \u042d\u0442\u043e \u0443\u0441\u043b\u043e\u0436\u043d\u0438\u0442 \u043f\u043e\u0438\u0441\u043a \u0438 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432.<\/p>\n\n\n\n<h4><span class=\"ez-toc-section\" id=\"%D0%9E%D0%BF%D1%86%D0%B8%D0%B8_%D0%B8_%D0%BA%D0%BB%D1%8E%D1%87%D0%B8\"><\/span>\u041e\u043f\u0446\u0438\u0438 \u0438 \u043a\u043b\u044e\u0447\u0438<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<blockquote class=\"wp-block-quote\"><p><\/p><cite>\u041f\u0435\u0440\u0435\u0434 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0430\u0432\u0438\u043b, \u0432 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0432\u044b \u043d\u0435 \u0443\u0432\u0435\u0440\u0435\u043d\u044b, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0435\u0441\u043b\u0438 \u0441\u0435\u0440\u0432\u0435\u0440 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e ssh, \u0436\u0435\u043b\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u0435\u0431\u044f \u043e\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u0438\u0442\u044c. \u041d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0434\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0441\u043a\u0440\u0438\u043f\u0442 \u0432 cron, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0431\u0443\u0434\u0435\u0442 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c Firewall. \u0418 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e, \u043d\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442\u044c \u043a\u043b\u044e\u0447: &#8212;permanent. \u0422\u043e\u0433\u0434\u0430 \u043f\u043e\u0441\u043b\u0435 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 firewalld, \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0435\u0440\u0432\u0435\u0440\u0443 \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u0441\u044f.<\/cite><\/blockquote>\n\n\n\n<pre class=\"wp-block-code\"><code>--permanent \u043f\u0440\u0430\u0432\u0438\u043b\u043e \u0431\u0443\u0434\u0435\u0442 \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u043e \u043f\u043e\u0441\u043b\u0435 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 firewalld;\n--zone=&lt;\u0438\u043c\u044f \u0437\u043e\u043d\u044b> \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u0432 \u043a\u0430\u043a\u043e\u0439 \u0437\u043e\u043d\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u044f\u0442\u0441\u044f \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f;\n--add-port - \u043a\u043b\u044e\u0447 \u0434\u043b\u044f \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f (\u043e\u0442\u043a\u0440\u044b\u0442\u0438\u044f) \u043f\u043e\u0440\u0442\u0430;\n--add-forward-port - \u043f\u0440\u043e\u0431\u0440\u043e\u0441 \u043f\u043e\u0440\u0442\u0430 \u0441 \u043e\u0434\u043d\u043e\u0433\u043e \u0443\u0437\u043b\u0430 \u043d\u0430 \u0434\u0440\u0443\u0433\u043e\u0439;\n--list-all-zones - \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440 \u0432\u0441\u0435\u0445 \u0437\u043e\u043d firewalld \u0438 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u0445 \u0432 \u043d\u0438\u0445 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u0439;\n--reload - \u043f\u0435\u0440\u0435\u0447\u0438\u0442\u0430\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e \u0444\u0430\u0439\u0440\u0432\u043e\u043b\u0430;\n--direct --get-all-rules \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0435 \u0432\u0441\u0435\u0445 \u043f\u0440\u0430\u0432\u0438\u043b \u0441 \u043f\u0440\u044f\u043c\u044b\u043c\u0438 \u043e\u043f\u0446\u0438\u044f\u043c\u0438;\n--direct \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043f\u0435\u0440\u0435\u0434 \u0432\u0441\u0435\u043c\u0438 \u043f\u0440\u044f\u043c\u044b\u043c\u0438 \u043e\u043f\u0446\u0438\u044f\u043c\u0438.<\/code><\/pre>\n\n\n\n<blockquote class=\"wp-block-quote\"><p><a href=\"https:\/\/fedoraproject.org\/wiki\/FirewallD\/ru#.D0.9F.D1.80.D1.8F.D0.BC.D1.8B.D0.B5_.D0.BE.D0.BF.D1.86.D0.B8.D0.B8\">https:\/\/fedoraproject.org\/wiki\/FirewallD\/ru#.D0.9F.D1.80.D1.8F.D0.BC.D1.8B.D0.B5_.D0.BE.D0.BF.D1.86.D0.B8.D0.B8<\/a><\/p><cite>\u041f\u0440\u044f\u043c\u044b\u0435 \u043e\u043f\u0446\u0438\u0438 \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u044b, \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c, \u0434\u043b\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u043f\u0440\u0430\u0432\u0438\u043b \u0441\u043b\u0443\u0436\u0431\u0430\u043c \u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c. \u041f\u0440\u0430\u0432\u0438\u043b\u0430 \u043d\u0435 \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u044e\u0442\u0441\u044f \u0438 \u0434\u043e\u043b\u0436\u043d\u044b \u0431\u044b\u0442\u044c \u043f\u0435\u0440\u0435\u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u044b \u043f\u043e\u0441\u043b\u0435 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0438\u043b\u0438 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0443\u0441\u043a\u0430. \u0410\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u044b \u0441\u043a\u0432\u043e\u0437\u043d\u043e\u0439 \u043e\u043f\u0446\u0438\u0438 \u0442\u0430\u043a\u0438\u0435 \u0436\u0435, \u043a\u0430\u043a \u0438 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u044b iptables, ip6tables, ebtables.<\/cite><\/blockquote>\n\n\n\n<h4><span class=\"ez-toc-section\" id=\"%D0%9F%D1%80%D0%B0%D0%BA%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%BE%D0%B5_%D0%BF%D1%80%D0%B8%D0%BC%D0%B5%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5_Firewall_%D0%BD%D0%B0_CentOS_7\"><\/span>\u041f\u0440\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435 Firewall \u043d\u0430 CentOS 7<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<p>\u041f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0432 CentOS 7 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f RHEL \u0440\u0435\u0448\u0435\u043d\u0438\u0435 &#8212; firewalld. \u0423\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430, \u0437\u0430\u043f\u0443\u0441\u043a, \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0432 \u0430\u0432\u0442\u043e\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>yum install firewalld\nsystemctl start firewalld\nsystemctl enable firewalld<\/code><\/pre>\n\n\n\n<h5><span class=\"ez-toc-section\" id=\"%D0%9E%D0%BA%D1%80%D1%83%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5\"><\/span>\u041e\u043a\u0440\u0443\u0436\u0435\u043d\u0438\u0435<span class=\"ez-toc-section-end\"><\/span><\/h5>\n\n\n\n<pre class=\"wp-block-code\"><code>\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e: IP 192.168.100.21\n\u0420\u043e\u0443\u0442\u0435\u0440: LAN - 192.168.100.1-192.168.100.200\n\u0421\u0435\u0440\u0432\u0435\u0440 \u21161: \u0420\u043e\u043b\u044c: \u0428\u043b\u044e\u0437\n    \u0418\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441: ens160 - 192.168.100.50 (\u0421\u0435\u0442\u044c \u0441 \u0432\u044b\u0445\u043e\u0434\u043e\u043c \u0432 Inet)\n    \u0418\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441: ens192 - 192.168.211.1 (\u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043d\u0430\u044f \u0441\u0435\u0442\u044c)\n    \u0418\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441: ens224 - 192.168.111.1 (\u043f\u0440\u043e\u0435\u043a\u0442\u043d\u0430\u044f \u0441\u0435\u0442\u044c)\n\u0421\u0435\u0440\u0432\u0435\u0440 \u21162: 192.168.211.3 (\u0432 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043d\u043e\u0439 \u0441\u0435\u0442\u0438)\n    \u0421\u0435\u0440\u0432\u0438\u0441\u044b - Prometheus:9090; Telegraf:9126\n\u0421\u0435\u0440\u0432\u0435\u0440 \u21163: 192.168.111.5 (\u0432 \u043f\u0440\u043e\u0435\u043a\u0442\u043d\u043e\u0439 \u0441\u0435\u0442\u0438)\n    \u0421\u0435\u0440\u0432\u0438\u0441\u044b - Grafana:3000; Telegraf:9126<\/code><\/pre>\n\n\n\n<h5><span class=\"ez-toc-section\" id=\"%D0%97%D0%B0%D0%B4%D0%B0%D1%87%D0%B8\"><\/span>\u0417\u0430\u0434\u0430\u0447\u0438<span class=\"ez-toc-section-end\"><\/span><\/h5>\n\n\n\n<ol><li>\u043e\u0442\u043a\u0440\u044b\u0442\u044c \u043f\u043e\u0440\u0442 \u0434\u043b\u044f \u0432\u043d\u0435\u0448\u043d\u0438\u0445 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0439;<\/li><li>\u0440\u0430\u0437\u0440\u0435\u0448\u0438\u0442\u044c \u0445\u043e\u0436\u0434\u0435\u043d\u0438\u0435 \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u043c\u0435\u0436\u0434\u0443 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043d\u043e\u0439 \u0441\u0435\u0442\u044c\u044e \u0438 \u043f\u0440\u043e\u0435\u043a\u0442\u043d\u043e\u0439;<\/li><li>\u0440\u0430\u0437\u0440\u0435\u0448\u0438\u0442\u044c \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043d\u043e\u0439  \u0438 \u043f\u0440\u043e\u0435\u043a\u0442\u043d\u043e\u0439 \u0441\u0435\u0442\u044f\u043c \u0432\u044b\u0445\u043e\u0434\u0438\u0442\u044c \u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442;<\/li><li>\u043f\u0440\u043e\u0431\u0440\u043e\u0441 \u043f\u043e\u0440\u0442\u043e\u0432. \u041f\u0440\u0438 \u043e\u0431\u0440\u0430\u0449\u0435\u043d\u0438\u0438 \u043d\u0430 \u0448\u043b\u044e\u0437:<ul><li> \u043f\u043e \u043f\u043e\u0440\u0442\u0443 9090 \u0434\u043e\u043b\u0436\u0435\u043d \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0442\u044c\u0441\u044f 192.168.211.3 \u043f\u043e \u043f\u043e\u0440\u0442\u0443 9090, \u0442.\u0435. \u0441\u0435\u0440\u0432\u0438\u0441 prometheus;<\/li><li>\u0447\u0435\u0440\u0435\u0437 3000 \u0434\u043e\u043b\u0436\u0435\u043d \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0442\u044c\u0441\u044f 192.168.111.5 \u043f\u043e \u043f\u043e\u0440\u0442\u0443 3000, \u0442.\u0435. \u0441\u0435\u0440\u0432\u0438\u0441 grafana;<\/li><li>\u0441 9126 \u0438 9127 \u0434\u043e\u043b\u0436\u043d\u044b \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0442\u044c\u0441\u044f 192.168.211.3 \u0438 192.168.111.5 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u043f\u043e \u043f\u043e\u0440\u0442\u0443 9126, \u0442.\u0435. exporter telegraf.<\/li><\/ul><\/li><\/ol>\n\n\n\n<p><\/p>\n\n\n\n<h6><span class=\"ez-toc-section\" id=\"%D0%9E%D1%82%D0%BA%D1%80%D1%8B%D1%82%D1%8C_%D0%BF%D0%BE%D1%80%D1%82_%D0%B4%D0%BB%D1%8F_%D0%B2%D0%BD%D0%B5%D1%88%D0%BD%D0%B8%D1%85_%D0%BF%D0%BE%D0%B4%D0%BA%D0%BB%D1%8E%D1%87%D0%B5%D0%BD%D0%B8%D0%B9\"><\/span>\u041e\u0442\u043a\u0440\u044b\u0442\u044c \u043f\u043e\u0440\u0442 \u0434\u043b\u044f \u0432\u043d\u0435\u0448\u043d\u0438\u0445 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0439<span class=\"ez-toc-section-end\"><\/span><\/h6>\n\n\n\n<p>\u041d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u043b\u0438 nginx, \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u043b\u0438, \u043a\u043e\u043c\u0430\u043d\u0434\u043e\u0439 netstat \u0432\u0438\u0434\u0438\u043c, \u0447\u0442\u043e 80 \u043f\u043e\u0440\u0442 \u043f\u043e\u0434\u043d\u044f\u0442 \u0438 \u0441\u043b\u0443\u0448\u0430\u0435\u0442\u0441\u044f nginx, \u043d\u043e \u0431\u0440\u0430\u0443\u0437\u0435\u0440 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0438\u0442\u044c\u0441\u044f \u043d\u0435 \u043c\u043e\u0436\u0435\u0442. \u0414\u043b\u044f \u0442\u043e\u0433\u043e, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u0440\u0442 \u0441\u0442\u0430\u043b \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u0438\u0437\u0432\u043d\u0435, \u043d\u0430 Firewall \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u0432\u0445\u043e\u0434\u044f\u0449\u0438\u0435 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u043a \u043d\u0435\u043c\u0443:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>firewall-cmd --permanent --zone=public --add-port=80\/tcp<\/code><\/pre>\n\n\n\n<p><\/p>\n\n\n\n<h6><span class=\"ez-toc-section\" id=\"%D0%A0%D0%B0%D0%B7%D1%80%D0%B5%D1%88%D0%B8%D1%82%D1%8C_%D1%85%D0%BE%D0%B6%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5_%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%D0%B0_%D0%BC%D0%B5%D0%B6%D0%B4%D1%83_%D0%B8%D0%BD%D1%84%D1%80%D0%B0%D1%81%D1%82%D1%80%D1%83%D0%BA%D1%82%D1%83%D1%80%D0%BD%D0%BE%D0%B9_%D1%81%D0%B5%D1%82%D1%8C%D1%8E_%D0%B8_%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%D0%BD%D0%BE%D0%B9\"><\/span>\u0420\u0430\u0437\u0440\u0435\u0448\u0438\u0442\u044c \u0445\u043e\u0436\u0434\u0435\u043d\u0438\u0435 \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u043c\u0435\u0436\u0434\u0443 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043d\u043e\u0439 \u0441\u0435\u0442\u044c\u044e \u0438 \u043f\u0440\u043e\u0435\u043a\u0442\u043d\u043e\u0439<span class=\"ez-toc-section-end\"><\/span><\/h6>\n\n\n\n<p>\u0414\u043b\u044f \u0442\u043e\u0433\u043e, \u0447\u0442\u043e\u0431\u044b \u0440\u0430\u0437\u0440\u0435\u0448\u0438\u0442\u044c \u0445\u043e\u0436\u0434\u0435\u043d\u0438\u0435 \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u043c\u0435\u0436\u0434\u0443 \u0441\u0435\u0442\u044f\u043c\u0438,  \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u043f\u0440\u044f\u043c\u044b\u043c\u0438 \u043e\u043f\u0446\u0438\u044f\u043c\u0438. \u041f\u0440\u043e\u0449\u0435 \u0433\u043e\u0432\u043e\u0440\u044f, \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044f\u043c\u0438 iptables. \u0412 netfilter \u0446\u0435\u043f\u043e\u0447\u043a\u0435 FORWARD \u0440\u0430\u0437\u0440\u0435\u0448\u0438\u0442\u044c (-j ACCEPT) \u043f\u0440\u043e\u0445\u043e\u0436\u0434\u0435\u043d\u0438\u0435 \u043f\u0430\u043a\u0435\u0442\u0430 \u043e\u0442 \u043e\u0434\u043d\u043e\u0439 \u0441\u0435\u0442\u0438 \u0432 \u0434\u0440\u0443\u0433\u0443\u044e. \u0420\u0430\u0437\u0440\u0435\u0448\u0430\u044e\u0449\u0435\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u043e \u0441 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 ens192 \u043d\u0430 ens224 \u0438 \u043e\u0431\u0440\u0430\u0442\u043d\u043e, \u0432\u044b\u0433\u043b\u044f\u0434\u044f\u0442 \u0442\u0430\u043a:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>firewall-cmd --permanent --direct --add-rule ipv4 filter FORWARD 0 -i ens192 -o ens224 -j ACCEPT\nfirewall-cmd --permanent --direct --add-rule ipv4 filter FORWARD 0 -i ens224 -o ens192 -j ACCEPT\nfirewall-cmd --reload<\/code><\/pre>\n\n\n\n<p><\/p>\n\n\n\n<h6><span class=\"ez-toc-section\" id=\"%D0%A0%D0%B0%D0%B7%D1%80%D0%B5%D1%88%D0%B8%D1%82%D1%8C_%D0%B8%D0%BD%D1%84%D1%80%D0%B0%D1%81%D1%82%D1%80%D1%83%D0%BA%D1%82%D1%83%D1%80%D0%BD%D0%BE%D0%B9_%D0%B8_%D0%BF%D1%80%D0%BE%D0%B5%D0%BA%D1%82%D0%BD%D0%BE%D0%B9_%D1%81%D0%B5%D1%82%D1%8F%D0%BC_%D0%B2%D1%8B%D1%85%D0%BE%D0%B4%D0%B8%D1%82%D1%8C_%D0%B2_%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82\"><\/span>\u0420\u0430\u0437\u0440\u0435\u0448\u0438\u0442\u044c \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043d\u043e\u0439 \u0438 \u043f\u0440\u043e\u0435\u043a\u0442\u043d\u043e\u0439 \u0441\u0435\u0442\u044f\u043c \u0432\u044b\u0445\u043e\u0434\u0438\u0442\u044c \u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442<span class=\"ez-toc-section-end\"><\/span><\/h6>\n\n\n\n<p>\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0432\u044b\u0445\u043e\u0434\u0430 \u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u043f\u043e\u0434\u0441\u0435\u0442\u044f\u043c \u043c\u043e\u0436\u043d\u043e \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u0442\u043e\u043b\u044c\u043a\u043e \u0447\u0435\u0440\u0435\u0437 NAT, \u0442\u043e \u0435\u0441\u0442\u044c \u0434\u043b\u044f \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u0445 \u0443\u0437\u043b\u043e\u0432 \u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435 \u0432\u0441\u0435 \u0437\u0430\u043f\u0440\u043e\u0441\u044b \u0431\u0443\u0434\u0443\u0442 \u043f\u0440\u0438\u0445\u043e\u0434\u0438\u0442\u044c \u043e\u0442 \u0430\u0434\u0440\u0435\u0441\u0430 \u0448\u043b\u044e\u0437\u0430 (\u0435\u0441\u043b\u0438 \u0448\u043b\u044e\u0437 \u043d\u0435 \u0441\u043f\u0440\u044f\u0442\u0430\u043d \u0435\u0449\u0435 \u0437\u0430 \u043e\u0434\u0438\u043d NAT). \u0412\u043a\u0440\u0430\u0442\u0446\u0435, \u0434\u043b\u044f \u0446\u0435\u043f\u043e\u0447\u043a\u0438 POSTROUTING \u0432 \u0442\u0430\u0431\u043b\u0438\u0446\u0435 nat \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u043d\u0430\u0434 \u043f\u0430\u043a\u0435\u0442\u043e\u043c MASQUERADE. \u042d\u0442\u043e\u0442 \u043c\u0435\u0442\u043e\u0434 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0437\u043b\u0443, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043d\u0435 \u0438\u043c\u0435\u0435\u0442 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0433\u043e IP-\u0430\u0434\u0440\u0435\u0441\u0430, \u043e\u0431\u043c\u0435\u043d\u0438\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0441 \u0434\u0440\u0443\u0433\u0438\u043c\u0438 \u0443\u0437\u043b\u0430\u043c\u0438 \u0447\u0435\u0440\u0435\u0437 \u043f\u043e\u0441\u0440\u0435\u0434\u043d\u0438\u043a\u0430 (\u0448\u043b\u044e\u0437), \u0440\u0430\u0441\u043f\u043e\u043b\u043e\u0436\u0435\u043d\u043d\u043e\u0433\u043e \u043c\u0435\u0436\u0434\u0443 \u043d\u0438\u043c \u0438 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u043e\u043c. \u0425\u043e\u0440\u043e\u0448\u0430\u044f \u0441\u0442\u0430\u0442\u044c\u044f \u043f\u0440\u043e iptables: <a href=\"https:\/\/www.k-max.name\/linux\/netfilter-iptables-v-linux\/\">https:\/\/www.k-max.name\/linux\/netfilter-iptables-v-linux\/<\/a>.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>firewall-cmd --permanent --direct --add-rule ipv4 nat POSTROUTING 0 -o ens160 -j MASQUERADE<\/code><\/pre>\n\n\n\n<p>\u041a\u0440\u043e\u043c\u0435 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u043c\u0430\u0441\u043a\u0430\u0440\u0430\u0434\u0438\u043d\u0433\u0430, \u043d\u0443\u0436\u043d\u043e \u0434\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0438\u043b\u043e \u0432 \u0442\u0430\u0431\u043b\u0438\u0446\u0443 filter (\u0446\u0435\u043f\u043e\u0447\u043a\u0430 FORWARD), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0435 \u0445\u043e\u0436\u0434\u0435\u043d\u0438\u0435 \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u0441 \u0432\u043d\u0435\u0448\u043d\u0435\u0439 \u0441\u0435\u0442\u0438 \u0432\u043e \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0435 \u0434\u043b\u044f \u043f\u0430\u043a\u0435\u0442\u043e\u0432, \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u044e\u0449\u0438\u0445 \u043d\u043e\u0432\u044b\u0439 \u0441\u0435\u0430\u043d\u0441, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u0432\u044f\u0437\u0430\u043d \u0441 \u0443\u0436\u0435 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0434\u0440\u0443\u0433\u0438\u043c \u0441\u0435\u0430\u043d\u0441\u043e\u043c (RELATED), \u0438 \u043f\u0430\u043a\u0435\u0442\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0436\u0435 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0447\u0430\u0441\u0442\u044c\u044e \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u0433\u043e \u0441\u0435\u0430\u043d\u0441\u0430 (ESTABLISHED).<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>firewall-cmd --direct --permanent --add-rule ipv4 filter FORWARD 0 -i ens160 -o ens192 -m state --state RELATED,ESTABLISHED -j ACCEPT\nfirewall-cmd --direct --permanent --add-rule ipv4 filter FORWARD 0 -i ens160 -o ens224 -m state --state RELATED,ESTABLISHED -j ACCEPT\nfirewall-cmd --reload<\/code><\/pre>\n\n\n\n<p><\/p>\n\n\n\n<h6><span class=\"ez-toc-section\" id=\"%D0%BF%D0%BE_%D0%BF%D0%BE%D1%80%D1%82%D1%83_9090_%D0%B4%D0%BE%D0%BB%D0%B6%D0%B5%D0%BD_%D0%BE%D1%82%D0%BA%D1%80%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%D1%81%D1%8F_1921682113_%D0%BF%D0%BE_%D0%BF%D0%BE%D1%80%D1%82%D1%83_9090_%D1%82%D0%B5_%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81_Prometheus\"><\/span>\u043f\u043e \u043f\u043e\u0440\u0442\u0443 9090 \u0434\u043e\u043b\u0436\u0435\u043d \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0442\u044c\u0441\u044f 192.168.211.3 \u043f\u043e \u043f\u043e\u0440\u0442\u0443 9090, \u0442.\u0435. \u0441\u0435\u0440\u0432\u0438\u0441 Prometheus<span class=\"ez-toc-section-end\"><\/span><\/h6>\n\n\n\n<pre class=\"wp-block-code\"><code>firewall-cmd --permanent --zone=public --add-port=9090\/tcp\nfirewall-cmd --permanent --zone=public --add-forward-port=port=9090:proto=tcp:toport=9090:toaddr=192.168.211.3\nfirewall-cmd --reload<\/code><\/pre>\n\n\n\n<p><\/p>\n\n\n\n<h6><span class=\"ez-toc-section\" id=\"%D1%87%D0%B5%D1%80%D0%B5%D0%B7_3000_%D0%B4%D0%BE%D0%BB%D0%B6%D0%B5%D0%BD_%D0%BE%D1%82%D0%BA%D1%80%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%D1%81%D1%8F_1921681115_%D0%BF%D0%BE_%D0%BF%D0%BE%D1%80%D1%82%D1%83_3000_%D1%82%D0%B5_%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81_Grafana\"><\/span>\u0447\u0435\u0440\u0435\u0437 3000 \u0434\u043e\u043b\u0436\u0435\u043d \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0442\u044c\u0441\u044f 192.168.111.5 \u043f\u043e \u043f\u043e\u0440\u0442\u0443 3000, \u0442.\u0435. \u0441\u0435\u0440\u0432\u0438\u0441 Grafana<span class=\"ez-toc-section-end\"><\/span><\/h6>\n\n\n\n<pre class=\"wp-block-code\"><code>firewall-cmd --permanent --zone=public --add-port=3000\/tcp\nfirewall-cmd --permanent --zone=public --add-forward-port=port=3000:proto=tcp:toport=3000:toaddr=192.168.111.5\nfirewall-cmd --reload<\/code><\/pre>\n\n\n\n<p><\/p>\n\n\n\n<h6><span class=\"ez-toc-section\" id=\"%D1%81_9126_%D0%B8_9127_%D0%B4%D0%BE%D0%BB%D0%B6%D0%BD%D1%8B_%D0%BE%D1%82%D0%BA%D1%80%D1%8B%D0%B2%D0%B0%D1%82%D1%8C%D1%81%D1%8F_1921682113_%D0%B8_1921681115_%D1%81%D0%BE%D0%BE%D1%82%D0%B2%D0%B5%D1%82%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D0%BE_%D0%BF%D0%BE_%D0%BF%D0%BE%D1%80%D1%82%D1%83_9126_%D1%82%D0%B5_Exporter_telegraf\"><\/span>\u0441 9126 \u0438 9127 \u0434\u043e\u043b\u0436\u043d\u044b \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0442\u044c\u0441\u044f 192.168.211.3 \u0438 192.168.111.5 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u043f\u043e \u043f\u043e\u0440\u0442\u0443 9126, \u0442.\u0435. Exporter telegraf<span class=\"ez-toc-section-end\"><\/span><\/h6>\n\n\n\n<pre class=\"wp-block-code\"><code>firewall-cmd --permanent --zone=public --add-port=9126\/tcp\nfirewall-cmd --permanent --zone=public --add-port=9127\/tcp\nfirewall-cmd --permanent --zone=public --add-forward-port=port=9126:proto=tcp:toport=9126:toaddr=192.168.211.3\nfirewall-cmd --permanent --zone=public --add-forward-port=port=9127:proto=tcp:toport=9126:toaddr=192.168.111.5\nfirewall-cmd --reload<\/code><\/pre>\n\n\n\n<h4><span class=\"ez-toc-section\" id=\"%D0%97%D0%B0%D0%BA%D0%BB%D1%8E%D1%87%D0%B5%D0%BD%D0%B8%D0%B5\"><\/span>\u0417\u0430\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435<span class=\"ez-toc-section-end\"><\/span><\/h4>\n\n\n\n<p>\u0412 \u0441\u0442\u0430\u0442\u044c\u0435 \u043f\u043e\u0441\u0442\u0430\u0440\u0430\u043b\u0441\u044f \u0440\u0430\u0441\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c \u0442\u0438\u043f\u043e\u0432\u044b\u0435 \u0437\u0430\u0434\u0430\u0447\u0438, \u0434\u043b\u044f \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043f\u043e\u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f Firewall \u043d\u0430 CentOS 7. \u041a \u0441\u043e\u0436\u0430\u043b\u0435\u043d\u0438\u044e, \u044d\u0442\u043e \u043b\u0438\u0448\u044c \u043c\u0430\u043b\u0430\u044f \u0447\u0430\u0441\u0442\u044c \u043e\u0442 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a\u0438\u043c\u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044f\u043c\u0438 \u043e\u0431\u043b\u0430\u0434\u0430\u0435\u0442 \u044d\u0442\u043e\u0442 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u0420\u0430\u0437\u0431\u0438\u0440\u0430\u0435\u043c\u0441\u044f, \u043a\u0430\u043a \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c Firewall \u043d\u0430 CentOS 7. \u041e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u043c \u043f\u043e\u0440\u0442\u044b, \u043d\u0430\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0435\u043c NAT, \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u043c \u043f\u0440\u043e\u0431\u0440\u043e\u0441 \u043f\u043e\u0440\u0442\u043e\u0432.<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[22,23,19],"tags":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v15.6.2 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Firewall \u043d\u0430 CentOS 7 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 - \u0417\u0430\u043f\u0438\u0441\u043a\u0438 \u043f\u043e \u0418\u0422<\/title>\n<meta name=\"description\" content=\"\u0420\u0430\u0437\u0431\u0438\u0440\u0430\u0435\u043c\u0441\u044f, \u043a\u0430\u043a \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c Firewall \u043d\u0430 CentOS 7. \u041e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u043c \u043f\u043e\u0440\u0442\u044b, \u043d\u0430\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0435\u043c NAT, \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u043c \u043f\u0440\u043e\u0431\u0440\u043e\u0441 \u043f\u043e\u0440\u0442\u043e\u0432.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/ittx.ru\/note\/2021\/02\/14\/firewall_na_centos_7\/\" \/>\n<meta property=\"og:locale\" content=\"ru_RU\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Firewall \u043d\u0430 CentOS 7 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 - \u0417\u0430\u043f\u0438\u0441\u043a\u0438 \u043f\u043e \u0418\u0422\" \/>\n<meta property=\"og:description\" content=\"\u0420\u0430\u0437\u0431\u0438\u0440\u0430\u0435\u043c\u0441\u044f, \u043a\u0430\u043a \u043d\u0430\u0441\u0442\u0440\u043e\u0438\u0442\u044c \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c Firewall \u043d\u0430 CentOS 7. \u041e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u043c \u043f\u043e\u0440\u0442\u044b, \u043d\u0430\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0435\u043c NAT, \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u043c \u043f\u0440\u043e\u0431\u0440\u043e\u0441 \u043f\u043e\u0440\u0442\u043e\u0432.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/ittx.ru\/note\/2021\/02\/14\/firewall_na_centos_7\/\" \/>\n<meta property=\"og:site_name\" content=\"\u0417\u0430\u043f\u0438\u0441\u043a\u0438 \u043f\u043e \u0418\u0422\" \/>\n<meta property=\"article:published_time\" content=\"2021-02-14T12:53:01+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-03-02T17:42:19+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u041f\u0440\u0438\u043c\u0435\u0440\u043d\u043e\u0435 \u0432\u0440\u0435\u043c\u044f \u0434\u043b\u044f \u0447\u0442\u0435\u043d\u0438\u044f\">\n\t<meta name=\"twitter:data1\" content=\"5 \u043c\u0438\u043d\u0443\u0442\">\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebSite\",\"@id\":\"https:\/\/ittx.ru\/note\/#website\",\"url\":\"https:\/\/ittx.ru\/note\/\",\"name\":\"\\u0417\\u0430\\u043f\\u0438\\u0441\\u043a\\u0438 \\u043f\\u043e \\u0418\\u0422\",\"description\":\"\\u0421\\u0438\\u0441\\u0442\\u0435\\u043c\\u043d\\u043e\\u0435 \\u0430\\u0434\\u043c\\u0438\\u043d\\u0438\\u0441\\u0442\\u0440\\u0438\\u0440\\u043e\\u0432\\u0430\\u043d\\u0438\\u0435 \\u0438 DevOps\",\"publisher\":{\"@id\":\"https:\/\/ittx.ru\/note\/#\/schema\/person\/0fbc97a6e30258a4af33a2b690d0a908\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":\"https:\/\/ittx.ru\/note\/?s={search_term_string}\",\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"ru-RU\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/ittx.ru\/note\/2021\/02\/14\/firewall_na_centos_7\/#webpage\",\"url\":\"https:\/\/ittx.ru\/note\/2021\/02\/14\/firewall_na_centos_7\/\",\"name\":\"Firewall \\u043d\\u0430 CentOS 7 \\u043d\\u0430\\u0441\\u0442\\u0440\\u043e\\u0439\\u043a\\u0430 \\u0438 \\u0438\\u0441\\u043f\\u043e\\u043b\\u044c\\u0437\\u043e\\u0432\\u0430\\u043d\\u0438\\u0435 - \\u0417\\u0430\\u043f\\u0438\\u0441\\u043a\\u0438 \\u043f\\u043e \\u0418\\u0422\",\"isPartOf\":{\"@id\":\"https:\/\/ittx.ru\/note\/#website\"},\"datePublished\":\"2021-02-14T12:53:01+00:00\",\"dateModified\":\"2021-03-02T17:42:19+00:00\",\"description\":\"\\u0420\\u0430\\u0437\\u0431\\u0438\\u0440\\u0430\\u0435\\u043c\\u0441\\u044f, \\u043a\\u0430\\u043a \\u043d\\u0430\\u0441\\u0442\\u0440\\u043e\\u0438\\u0442\\u044c \\u0438 \\u0438\\u0441\\u043f\\u043e\\u043b\\u044c\\u0437\\u043e\\u0432\\u0430\\u0442\\u044c Firewall \\u043d\\u0430 CentOS 7. \\u041e\\u0442\\u043a\\u0440\\u044b\\u0432\\u0430\\u0435\\u043c \\u043f\\u043e\\u0440\\u0442\\u044b, \\u043d\\u0430\\u0441\\u0442\\u0440\\u0430\\u0438\\u0432\\u0430\\u0435\\u043c NAT, \\u0440\\u0435\\u0430\\u043b\\u0438\\u0437\\u0443\\u0435\\u043c \\u043f\\u0440\\u043e\\u0431\\u0440\\u043e\\u0441 \\u043f\\u043e\\u0440\\u0442\\u043e\\u0432.\",\"inLanguage\":\"ru-RU\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/ittx.ru\/note\/2021\/02\/14\/firewall_na_centos_7\/\"]}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/ittx.ru\/note\/2021\/02\/14\/firewall_na_centos_7\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/ittx.ru\/note\/2021\/02\/14\/firewall_na_centos_7\/#webpage\"},\"author\":{\"@id\":\"https:\/\/ittx.ru\/note\/#\/schema\/person\/0fbc97a6e30258a4af33a2b690d0a908\"},\"headline\":\"Firewall \\u043d\\u0430 CentOS 7 \\u043d\\u0430\\u0441\\u0442\\u0440\\u043e\\u0439\\u043a\\u0430 \\u0438 \\u0438\\u0441\\u043f\\u043e\\u043b\\u044c\\u0437\\u043e\\u0432\\u0430\\u043d\\u0438\\u0435\",\"datePublished\":\"2021-02-14T12:53:01+00:00\",\"dateModified\":\"2021-03-02T17:42:19+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/ittx.ru\/note\/2021\/02\/14\/firewall_na_centos_7\/#webpage\"},\"publisher\":{\"@id\":\"https:\/\/ittx.ru\/note\/#\/schema\/person\/0fbc97a6e30258a4af33a2b690d0a908\"},\"articleSection\":\"CentOS,Example,Firewall\",\"inLanguage\":\"ru-RU\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\/\/ittx.ru\/note\/#\/schema\/person\/0fbc97a6e30258a4af33a2b690d0a908\",\"name\":\"writer\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/ittx.ru\/note\/#personlogo\",\"inLanguage\":\"ru-RU\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/5b3099422beea941fa3a9c21f066bdfa?s=96&d=mm&r=g\",\"caption\":\"writer\"},\"logo\":{\"@id\":\"https:\/\/ittx.ru\/note\/#personlogo\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","_links":{"self":[{"href":"https:\/\/ittx.ru\/note\/wp-json\/wp\/v2\/posts\/311"}],"collection":[{"href":"https:\/\/ittx.ru\/note\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ittx.ru\/note\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ittx.ru\/note\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/ittx.ru\/note\/wp-json\/wp\/v2\/comments?post=311"}],"version-history":[{"count":36,"href":"https:\/\/ittx.ru\/note\/wp-json\/wp\/v2\/posts\/311\/revisions"}],"predecessor-version":[{"id":502,"href":"https:\/\/ittx.ru\/note\/wp-json\/wp\/v2\/posts\/311\/revisions\/502"}],"wp:attachment":[{"href":"https:\/\/ittx.ru\/note\/wp-json\/wp\/v2\/media?parent=311"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ittx.ru\/note\/wp-json\/wp\/v2\/categories?post=311"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ittx.ru\/note\/wp-json\/wp\/v2\/tags?post=311"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}