Open port 443 in the firewall.
Run the following command to identify which firewall service the system is currently using:
if command -v systemctl >/dev/null 2>&1 && systemctl is-active --quiet firewalld; then
echo "firewalld"
elif command -v ufw >/dev/null 2>&1 && sudo ufw status | grep -qw active; then
echo "ufw"
elif command -v nft >/dev/null 2>&1 && sudo nft list ruleset 2>/dev/null | grep -q 'table'; then
echo "nftables"
elif command -v systemctl >/dev/null 2>&1 && systemctl is-active --quiet iptables; then
echo "iptables"
elif command -v iptables >/dev/null 2>&1 && sudo iptables -L 2>/dev/null | grep -qE 'REJECT|DROP|ACCEPT'; then
echo "iptables"
else
echo "none"
fi

If the output is none, no further action is required. Otherwise, run the command below that matches the reported type (firewalld, ufw, nftables, or iptables) to open port 443:

firewalld:
sudo firewall-cmd --permanent --add-port=443/tcp && sudo firewall-cmd --reload

ufw:
sudo ufw allow 443/tcp

nftables:
sudo nft add table inet filter 2>/dev/null
sudo nft add chain inet filter input '{ type filter hook input priority 0; }' 2>/dev/null
sudo nft add rule inet filter input tcp dport 443 counter accept 2>/dev/null

iptables:
sudo iptables -A INPUT -p tcp --dport 443 -j ACCEPT

To keep the iptables rule from being lost when the system restarts, run the following commands to persist the iptables rules:

RHEL/CentOS:
sudo yum install -y iptables-services
sudo service iptables save

Debian/Ubuntu:
sudo apt-get install -y iptables-persistent
sudo iptables-save | sudo tee /etc/iptables/rules.v4 >/dev/null
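
An added example, not part of the original page: `iptables -A` appends to the end of the INPUT chain, so on a host whose chain already ends in a catch-all REJECT or DROP rule the new 443 rule is never reached. The function below (hypothetical name `check_443_rule`) reads `iptables -S INPUT` output and reports whether the tcp/443 ACCEPT is reachable; the sample rulesets are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: is the tcp/443 ACCEPT rule reachable in the INPUT chain?
# Reads `iptables -S INPUT` output on stdin and prints one of:
#   reachable - an ACCEPT for tcp/443 precedes any catch-all REJECT/DROP
#   shadowed  - a catch-all REJECT/DROP comes first, so the rule never matches
#   missing   - no ACCEPT rule for tcp dport 443 was found
# Simplification: only single-port "--dport 443" rules are recognised
# (no multiport sets or port ranges).
check_443_rule() {
  awk '
    # Catch-all rule: no match criteria between the chain name and the target.
    /^-A INPUT -j (REJECT|DROP)( |$)/ { if (!blocked) blocked = NR; next }
    /^-A INPUT / && /-p tcp( |$)/ && /--dport 443( |$)/ && /-j ACCEPT( |$)/ {
      if (!accept) accept = NR
    }
    END {
      if (!accept) { print "missing" }
      else if (blocked && blocked < accept) { print "shadowed" }
      else { print "reachable" }
    }'
}

# Constructed sample: chain ends in a catch-all REJECT and the 443 rule
# was appended after it with `iptables -A`.
SAMPLE_APPENDED='-P INPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT'

# Constructed sample: same chain with the 443 rule ahead of the REJECT.
SAMPLE_ORDERED='-P INPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited'

# Constructed sample: no 443 rule at all.
SAMPLE_NONE='-P INPUT DROP
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT'

for s in "$SAMPLE_APPENDED" "$SAMPLE_ORDERED" "$SAMPLE_NONE"; do
  printf '%s\n' "$s" | check_443_rule
done
# On a live host: sudo iptables -S INPUT | check_443_rule
```

If the result is shadowed, the ACCEPT rule has to sit above the catch-all rule, for example by inserting it with `iptables -I INPUT` instead of appending it.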