我有一个CentOS 7服务器,我打开了SNMP连接的端口.
即使我可以在这里看到端口打开:
- [matias@Centos_7_VM ~]$ sudo firewall-cmd --list-all
- [sudo] password for matias:
- public (active)
- target: default
- icmp-block-inversion: no
- interfaces: ens33
- sources:
- services: ssh dhcpv6-client
- ports: 80/tcp 10050/tcp 50000/tcp 161/tcp 160/tcp
- protocols:
- masquerade: no
- forward-ports:
- source-ports:
- icmp-blocks:
- rich rules:
当我试图从外面击中这个端口时,我总是得到关闭它.即使是nmap也同意这一点:
- Starting Nmap 7.01 ( https://nmap.org ) at 2018-08-01 14:52 -03
- Nmap scan report for Centos_7_VM (192.168.43.216)
- Host is up (0.52s latency).
- Not shown: 996 filtered ports
- PORT STATE SERVICE
- 22/tcp open ssh
- 80/tcp open http
- 161/tcp closed snmp
- 50000/tcp closed ibm-db2
我还能做些什么来打开这些端口? (是的,当我最初打开端口时,我重新加载了firewalld.)
SNMP是UDP协议,而不是TCP协议.所以你需要打开UDP端口,即161 / udp.
更好的是,只需指定服务名称,firewalld将负责处理.
- firewall-cmd <options> --add-service=snmp
