Documentation
Rate This Document
Findability
Accuracy
Completeness
Readability
SubmitClose

(Optional) Enabling the Firewall Port

During installation, the Kunpeng DevKit checks whether the required port is enabled and helps enable the port through the interactive CLI. If you choose not to enable the port during the installation, you cannot use the tool properly.

If the firewall of the server OS is enabled, perform the following operations to enable the firewall port of the server OS. (If the firewall of the server OS is disabled, skip this step.)
  • In the following commands, 8086 is the HTTPS port number set in 6. Replace it with the actual port number.
  • If you have configured the hardware firewall, contact the network administrator to configure the hardware firewall and enable the ports that will be accessed.
  • CentOS/EulerOS/openEuler/RHEL 7.x/NeoKylin/Kylin/BC-Linux/iSoft/SUSE
    1. Check whether the firewall is enabled.
      1
      systemctl status firewalld

      If the firewall status is inactive, the firewall is not enabled. Skip the following steps in this case.

    2. Check whether the port is enabled.
      1
      firewall-cmd --query-port=8086/tcp

      If "no" is displayed, the port is not enabled.

    3. Enable the port permanently.
      1
      firewall-cmd --add-port=8086/tcp --permanent

      If "success" is displayed, the port is enabled successfully.

    4. Reload the configuration.
      1
      firewall-cmd --reload
    5. Check whether the port is enabled.
      1
      firewall-cmd --query-port=8086/tcp

      If "yes" is displayed, the port is enabled.

      • To remove a port, run the following command:
        1
        firewall-cmd --permanent --remove-port=8086/tcp

        If "success" is displayed, the port is successfully removed.

        After the port is removed, run the following command to reload the configuration:

        1
        firewall-cmd --reload
      • If firewalld is not available in the SUSE OS, install firewalld and then run the firewalld commands in the preceding steps.
  • Debian/Ubuntu/Deepin/Linx/UOS

    If UFW is installed, perform the following steps:

    1. Check the firewall and port status.
      1
      ufw status

      If the firewall status is inactive, the firewall is not enabled. Skip the following steps in this case.

    2. Enable the port.
      1
      ufw allow 8086/tcp
    3. Check whether the port is enabled.
      1
      ufw status

      If the value of Action is ALLOW, the port is enabled.

    • To remove a port, run the following command:
      1
      ufw delete allow 8086/tcp
    • When both UFW and firewalld are enabled in the system, run the firewalld command to check the port status. If the command output shows that the port is disabled, the tool cannot automatically enable the port. (If the tool automatically runs the firewalld command to enable the port, UFW will be disabled). You need to enable the port manually. You can disable UFW or firewalld. Then run the command to enable the port.
    If UFW is not installed and iptables provided by the OS is used, perform the following steps:
    1. Check whether the port is disabled.
      1
      iptables -L -n | grep 8086

      If no command output is displayed, the port is not disabled. Skip the following steps.

    2. If the port is disabled, run the following command to open the local firewall configuration file.
      1
      vi Firewall_configuration_file_name
    3. In the configuration file, change the corresponding port configuration to:
      1
2
      -A INPUT -p tcp --dport 8086 -j ACCEPT
-A OUTPUT -p tcp --sport 8086 -j ACCEPT
    4. Press Esc, type :wq!, and press Enter to save the file and exit.
    5. Import the configuration file.
      1
      iptables-restore
Parent topic: Common Operations