1:环境:centos7
2:当在重启centos7 linux服务器后,再连接ftp客户端不能链接
此时需要检查以下几点:
2-1:核查ftp服务是否启动正常:
1 [[email protected] ~]# service vsftpd status
2 Redirecting to /bin/systemctl status vsftpd.service
3 ● vsftpd.service - Vsftpd ftp daemon
4 Loaded: loaded (/usr/lib/systemd/system/vsftpd.service; enabled; vendor preset: disabled)
5 Active: active (running) since Fri 2017-08-25 09:20:59 CST; 30s ago
6 Process: 4517 ExecStart=/usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf (code=exited, status=0/SUCCESS)
7 Main PID: 4520 (vsftpd)
8 CGroup: /system.slice/vsftpd.service
9 └─4520 /usr/sbin/vsftpd /etc/vsftpd/vsftpd.conf
10
11 Aug 25 09:20:59 localhost.localdomain systemd[1]: Starting Vsftpd ftp daemon...
12 Aug 25 09:20:59 localhost.localdomain systemd[1]: Started Vsftpd ftp daemon.
13
如果是ftp服务没有启动起来:则需要执行启动命令
1 service vsftpd restart
2-2:核查firewall防火墙是否启动正常:
1 [[email protected] ~]# systemctl status firewalld.service
2 ● firewalld.service - firewalld - dynamic firewall daemon
3 Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
4 Active: active (running) since Fri 2017-08-25 09:00:20 CST; 25min ago
5 Docs: man:firewalld(1)
6 Main PID: 803 (firewalld)
7 CGroup: /system.slice/firewalld.service
8 └─803 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid
9
10 Aug 25 09:00:13 localhost.localdomain systemd[1]: Starting firewalld - dynamic firewall daemon...
11 Aug 25 09:00:20 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon.
12
如果是firewall 服务没有启动起来,则需要手动启动
1 [[email protected] ~]# systemctl restart firewalld.service
2 #并核查下 启动的端口情况
3 [[email protected] ~]# firewall-cmd --zone=public --list-ports
4 80/tcp 8080/tcp
5 #如果没有自己想要的端口,则添加端口,然后在重启firewall
6 [[email protected] ~]# firewall-cmd --zone=public --add-port=21/tcp --permanent
7 success
8 [[email protected] ~]# systemctl restart firewalld.service
9 [[email protected] ~]# firewall-cmd --zone=public --list-ports
10 21/tcp 80/tcp 8080/tcp
11
2-3:核查iptables 的状态是否启动正常。
1 [[email protected] ~]# service iptables status
2 Redirecting to /bin/systemctl status iptables.service
3 ● iptables.service - IPv4 firewall with iptables
4 Loaded: loaded (/usr/lib/systemd/system/iptables.service; enabled; vendor preset: disabled)
5 Active: inactive (dead)
6 [[email protected] ~]#
7
如果 没有正常启动,则需要手动启动该服务。
1 [[email protected] ~]# service iptables restart
2
设置正常开机启动该服务:
1 [[email protected] ~]# cd /etc/rc.d
2 [[email protected] rc.d]# ls
3 init.d rc0.d rc1.d rc2.d rc3.d rc4.d rc5.d rc6.d rc.local
4 [[email protected] rc.d]# cat rc.local
5 #!/bin/bash
6 # THIS FILE IS ADDED FOR COMPATIBILITY PURPOSES
7 #
8 # It is highly advisable to create own systemd services or udev rules
9 # to run scripts during boot instead of using this file.
10 #
11 # In contrast to previous versions due to parallel execution during boot
12 # this script will NOT be run after all other services.
13 #
14 # Please note that you must run ‘chmod +x /etc/rc.d/rc.local‘ to ensure
15 # that this script will be executed during boot.
16
17 touch /var/lock/subsys/local
18
19
20
21 /etc/init.d/nginx start
22 [[email protected] rc.d]# vi rc.local
23
在rc.loal 文件中添加 service iptables restart 确定命令
以下是 红色标注的内容是 添加的启动iptables服务的内容
1 [[email protected] ~]# cd /etc/rc.d/
2 [[email protected] rc.d]# ls
3 init.d rc0.d rc1.d rc2.d rc3.d rc4.d rc5.d rc6.d rc.local
4 [[email protected] rc.d]# cat rc.local
5 #!/bin/bash
6 # THIS FILE IS ADDED FOR COMPATIBILITY PURPOSES
7 #
8 # It is highly advisable to create own systemd services or udev rules
9 # to run scripts during boot instead of using this file.
10 #
11 # In contrast to previous versions due to parallel execution during boot
12 # this script will NOT be run after all other services.
13 #
14 # Please note that you must run ‘chmod +x /etc/rc.d/rc.local‘ to ensure
15 # that this script will be executed during boot.
16
17 touch /var/lock/subsys/local
18
19
20 #开机默认启动nginx服务
21 /etc/init.d/nginx start
22 #开机重启 ip 防火墙
23
service iptables restart
如果以上3个服务都启动正常,则ftp客户端连接应该是正常的。若还有问题,则需要仔细核查
原文:http://www.cnblogs.com/ios9/p/linux_check_ipfirewall.html