{"id":63677,"date":"2025-04-29T14:20:32","date_gmt":"2025-04-29T06:20:32","guid":{"rendered":"https:\/\/fwq.ai\/blog\/63677\/"},"modified":"2025-04-29T14:20:32","modified_gmt":"2025-04-29T06:20:32","slug":"linux%e6%9c%8d%e5%8a%a1%e5%99%a8%e6%80%8e%e4%b9%88%e5%bc%80%e9%80%9a%e7%ab%af%e5%8f%a3-2","status":"publish","type":"post","link":"https:\/\/fwq.ai\/blog\/63677\/","title":{"rendered":"linux\u670d\u52a1\u5668\u600e\u4e48\u5f00\u901a\u7aef\u53e3"},"content":{"rendered":"<blockquote><p>\n  \u8981\u5f00\u901a linux \u670d\u52a1\u5668\u7aef\u53e3\uff0c\u9700\u4f9d\u6b21\uff1a1. \u786e\u5b9a\u8981\u5f00\u901a\u7aef\u53e3\uff1b2. \u7f16\u8f91\u9632\u706b\u5899\u89c4\u5219\uff1b3. \u5141\u8bb8\u7aef\u53e3\u901a\u8fc7 selinux\uff1b4. \u91cd\u542f\u9632\u706b\u5899\u548c selinux\uff1b5. \u9a8c\u8bc1\u8bbf\u95ee\u7aef\u53e3\u662f\u5426\u5df2\u5f00\u901a\u3002\n<\/p><\/blockquote>\n<p><img decoding=\"async\" src=\"https:\/\/img.php.cn\/upload\/article\/202406\/04\/2024060411181782772.jpg\" class=\"aligncenter\" title=\"linux\u670d\u52a1\u5668\u600e\u4e48\u5f00\u901a\u7aef\u53e3\u63d2\u56fe\" alt=\"linux\u670d\u52a1\u5668\u600e\u4e48\u5f00\u901a\u7aef\u53e3\u63d2\u56fe\" \/><\/p>\n<p><strong>\u5982\u4f55\u5f00\u901a Linux \u670d\u52a1\u5668\u7aef\u53e3<\/strong><\/p>\n<p>\u5f00\u901a Linux \u670d\u52a1\u5668\u7aef\u53e3\u9700\u8981\u9075\u5faa\u4ee5\u4e0b\u6b65\u9aa4\uff1a<\/p>\n<p><strong>1. \u786e\u5b9a\u8981\u5f00\u901a\u7684\u7aef\u53e3<\/strong><\/p>\n<p>\u9996\u5148\uff0c\u786e\u5b9a\u60a8\u9700\u8981\u5f00\u901a\u7684\u7aef\u53e3\u3002\u5b83\u53ef\u4ee5\u662f\u5e38\u89c1\u7684\u7aef\u53e3\uff08\u4f8b\u5982 80 \u6216 443\uff09\uff0c\u4e5f\u53ef\u4ee5\u662f\u81ea\u5b9a\u4e49\u7aef\u53e3\u3002<\/p>\n<p><strong>2. \u7f16\u8f91\u9632\u706b\u5899\u89c4\u5219<\/strong><\/p>\n<p>\u4f7f\u7528 <strong>ufw<\/strong>\uff08\u4e0d\u53ef\u4fee\u6539\u9632\u706b\u5899\uff09\u6216 <strong>firewalld<\/strong>\uff08\u52a8\u6001\u9632\u706b\u5899\uff09\u7ba1\u7406\u60a8\u7684\u9632\u706b\u5899\u89c4\u5219\u3002<\/p>\n<p><strong>\u4f7f\u7528 ufw\uff1a<\/strong><\/p>\n<pre>sudo ufw allow &lt;port&gt;<\/pre>\n<p> \u767b\u5f55\u540e\u590d\u5236 <\/p>\n<p><strong>\u4f7f\u7528 firewalld\uff1a<\/strong><\/p>\n<pre>sudo firewall-cmd --permanent --add-port=&lt;port&gt;\/tcp\nsudo firewall-cmd --reload<\/pre>\n<p> \u767b\u5f55\u540e\u590d\u5236 <\/p>\n<p><strong>3. \u5141\u8bb8\u7aef\u53e3\u901a\u8fc7 SELinux<\/strong><\/p>\n<p>SELinux\uff08\u5b89\u5168\u589e\u5f3a\u578b Linux\uff09\u53ef\u80fd\u4f1a\u963b\u6b62\u7aef\u53e3\u8bbf\u95ee\u3002\u8981\u6388\u4e88\u7aef\u53e3\u8bbf\u95ee\u6743\u9650\uff0c\u8bf7\u8fd0\u884c\uff1a<\/p>\n<pre>sudo setsebool -P httpd_can_network_connect_db on<\/pre>\n<p> \u767b\u5f55\u540e\u590d\u5236 <\/p>\n<p><strong>4. \u91cd\u542f\u9632\u706b\u5899\u548c SELinux<\/strong><\/p>\n<p>\u4e3a\u4e86\u4f7f\u66f4\u6539\u751f\u6548\uff0c\u8bf7\u91cd\u542f\u9632\u706b\u5899\u548c SELinux\uff1a<\/p>\n<pre>sudo systemctl restart firewalld\n# \u4ec5\u9002\u7528\u4e8e CentOS\/Red Hat\nsudo setenforce 0<\/pre>\n<p> \u767b\u5f55\u540e\u590d\u5236 <\/p>\n<p><strong>5. \u9a8c\u8bc1\u8bbf\u95ee<\/strong><\/p>\n<p>\u4f7f\u7528\u7aef\u53e3\u626b\u63cf\u5de5\u5177\uff08\u4f8b\u5982 nmap\uff09\u9a8c\u8bc1\u7aef\u53e3\u662f\u5426\u5df2\u5f00\u901a\uff1a<\/p>\n<pre>sudo nmap &lt;server_ip&gt; &lt;port&gt;<\/pre>\n<p> \u767b\u5f55\u540e\u590d\u5236 <\/p>\n<p>\u5982\u679c\u626b\u63cf\u6210\u529f\uff0c\u5219\u8868\u793a\u7aef\u53e3\u5df2\u5f00\u901a\u5e76\u53ef\u8bbf\u95ee\u3002<\/p>\n<p>\u4ee5\u4e0a\u5c31\u662f\u670d\u52a1\u5668\u600e\u4e48\u5f00\u901a\u7aef\u53e3\u7684\u8be6\u7ec6\u5185\u5bb9\uff0c\u66f4\u591a\u8bf7\u5173\u6ce8FDCServers\u5176\u5b83\u76f8\u5173\u6587\u7ae0\uff01<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u8981\u5f00\u901a linux \u670d\u52a1\u5668\u7aef\u53e3\uff0c\u9700\u4f9d\u6b21\uff1a1. \u786e\u5b9a\u8981\u5f00\u901a\u7aef\u53e3\uff1b2. \u7f16\u8f91\u9632\u706b\u5899\u89c4\u5219\uff1b3. \u5141\u8bb8\u7aef\u53e3\u901a\u8fc7 selinux\uff1b4. \u91cd\u542f\u9632\u706b\u5899\u548c selinux\uff1b5. \u9a8c\u8bc1\u8bbf\u95ee\u7aef\u53e3\u662f\u5426\u5df2\u5f00\u901a\u3002 \u5982\u4f55\u5f00\u901a Linux \u670d\u52a1\u5668\u7aef\u53e3 \u5f00\u901a Linux \u670d\u52a1\u5668\u7aef\u53e3\u9700\u8981\u9075\u5faa\u4ee5\u4e0b\u6b65\u9aa4\uff1a 1. \u786e\u5b9a\u8981\u5f00\u901a\u7684\u7aef\u53e3 \u9996\u5148\uff0c\u786e\u5b9a\u60a8\u9700\u8981\u5f00\u901a\u7684\u7aef\u53e3\u3002\u5b83\u53ef\u4ee5\u662f\u5e38\u89c1\u7684\u7aef\u53e3\uff08\u4f8b\u5982 80 \u6216 443\uff09\uff0c\u4e5f\u53ef\u4ee5\u662f\u81ea\u5b9a\u4e49\u7aef\u53e3\u3002 2. \u7f16\u8f91\u9632\u706b\u5899\u89c4\u5219 \u4f7f\u7528 ufw\uff08\u4e0d\u53ef\u4fee\u6539\u9632\u706b\u5899\uff09\u6216 firewalld\uff08\u52a8\u6001\u9632\u706b\u5899\uff09\u7ba1\u7406\u60a8\u7684\u9632\u706b\u5899\u89c4\u5219\u3002 \u4f7f\u7528 ufw\uff1a sudo ufw allow &lt;port&gt; \u767b\u5f55\u540e\u590d\u5236 \u4f7f\u7528 firewalld\uff1a sudo firewall-cmd &#8211;permanent &#8211;add-port=&lt;port&gt;\/tcp sudo firewall-cmd &#8211;reload \u767b\u5f55\u540e\u590d\u5236 3. \u5141\u8bb8\u7aef\u53e3\u901a\u8fc7 SELinux SELinux\uff08\u5b89\u5168\u589e\u5f3a\u578b Linux\uff09\u53ef\u80fd\u4f1a\u963b\u6b62\u7aef\u53e3\u8bbf\u95ee\u3002\u8981\u6388\u4e88\u7aef\u53e3\u8bbf\u95ee\u6743\u9650\uff0c\u8bf7\u8fd0\u884c\uff1a sudo setsebool -P httpd_can_network_connect_db on \u767b\u5f55\u540e\u590d\u5236 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8],"tags":[],"class_list":["post-63677","post","type-post","status-publish","format-standard","hentry","category-os"],"_links":{"self":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts\/63677","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/comments?post=63677"}],"version-history":[{"count":0,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts\/63677\/revisions"}],"wp:attachment":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/media?parent=63677"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/categories?post=63677"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/tags?post=63677"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}