服务器评测
部分一:关闭ipv6
# ip add sh
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:0c:29:7b:80:9b brd ff:ff:ff:ff:ff:ff
inet 172.24.0.20/24 brd 172.24.0.255 scope global eth1
inet6 fe80::20c:29ff:fe7b:809b/64 scope link
valid_lft forever preferred_lft forever
由上面的标识可知,当前系统的ipv6已经启用了,那么现在要将ipv6关闭:
# vi /etc/modprobe.conf
将“alias net-pf-10 ipv6”修改为如下:
alias net-pf-10 off
alias ipv6 off
然后重启系统,一定要重启系统才能看到效果。
# ip add sh
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
2: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:0c:29:7b:80:9b brd ff:ff:ff:ff:ff:ff
inet 172.24.0.20/24 brd 172.24.0.255 scope global eth1
部分二:使用命令永久关闭防火墙
(1)首先查看当前防火墙的状态
linux:~ # SUSEfirewall2 status
SuSE系统会默认启用防火墙的,而且防火墙中默认存在很多规则。此时可以用下面命令立即关闭防火墙:
linux:~ # SuSEfirewall2 stop
SuSEfirewall2: Warning: ip6tables does not support state matching. Extended IPv6 support disabled.
SuSEfirewall2: batch committing…
SuSEfirewall2: Firewall rules unloaded.
(2)上面的操作只是确定当前系统已经关闭了防火墙,但不确保系统重启后仍然是关闭防火墙的,所以还要进行下面的操作:
linux:~ # chkconfig –list | grep -i fire
SuSEfirewall2_init 0:off 1:off 2:off 3:off 4:off 5:off 6:off B:on
SuSEfirewall2_setup 0:off 1:off 2:off 3:on 4:on 5:on 6:off
于是:
linux:~ # chkconfig SuSEfirewall2_setup off
linux:~ # chkconfig –list | grep -i fire
SuSEfirewall2_init 0:off 1:off 2:off 3:off 4:off 5:off 6:off B:on
SuSEfirewall2_setup 0:off 1:off 2:off 3:off 4:off 5:off 6:off
linux:~ # chkconfig –level B SuSEfirewall2_init off
linux:~ # chkconfig –list | grep -i fire
SuSEfirewall2_init 0:off 1:off 2:off 3:off 4:off 5:off 6:off
SuSEfirewall2_setup 0:off 1:off 2:off 3:off 4:off 5:off 6:off
至此,系统的防火墙完成关闭了。
