Documentation
Rate This Document
Findability
Accuracy
Completeness
Readability
SubmitClose

(Optional) Enabling the Firewall Port

During an installation, the Kunpeng DevKit checks whether the required port is enabled and helps enable the port through the interactive CLI. If you choose not to enable the required port, the tool service cannot be used. To manually enable a port, perform the following operations:

If the firewall of the server OS is enabled, perform the following operations to enable the firewall port of the server OS. (If the firewall of the server OS is disabled, skip this step.)
  • If you have configured the hardware firewall, contact the network administrator to configure the hardware firewall and enable the ports that will be accessed.
  • CentOS/EulerOS/openEuler/RHEL 7.x/NeoKylin/Kylin/BC-Linux/iSoft/SUSE
    1. Check whether the firewall is enabled.
      1
      systemctl status firewalld

      If the firewall status is inactive, the firewall is not enabled. Skip the following steps in this case.

    2. Check whether the port is enabled.
      1
      firewall-cmd --query-port=8086/tcp

      If "no" is displayed, the port is not enabled.

    3. Enable the port permanently.
      1
      firewall-cmd --add-port=8086/tcp --permanent

      If "success" is displayed, the port is enabled successfully.

    4. Reload the configuration.
      1
      firewall-cmd --reload
    5. Check whether the port is enabled.
      1
      firewall-cmd --query-port=8086/tcp

      If "yes" is displayed, the port is enabled.

      • To remove a port, run the following command:
        1
        firewall-cmd --permanent --remove-port=8086/tcp

        If "success" is displayed, the port is successfully removed.

        After the port is removed, run the following command to reload the configuration:

        1
        firewall-cmd --reload
      • If firewalld is not available in the SUSE OS, install firewalld and then run the firewalld commands in the preceding steps.
  • Debian/Ubuntu/Deepin/Linx/UOS

    If UFW is installed, perform the following steps:

    1. Check the firewall and port status.
      1
      ufw status

      If the firewall status is inactive, the firewall is not enabled. Skip the following steps in this case.

    2. Enable the port.
      1
      ufw allow 8086/tcp
    3. Check whether the port is enabled.
      1
      ufw status

      If the value of Action is ALLOW, the port is enabled.

    • To remove a port, run the following command:
      1
      ufw delete allow 8086/tcp
    • When both UFW and firewalld are enabled in the system, run the firewalld command to check the port status. If the command output shows that the port is disabled, the tool cannot automatically enable the port. (If the tool automatically runs the firewalld command to enable the port, UFW will be disabled). You need to enable the port manually. You can disable UFW or firewalld. Then run the command to enable the port.
    If UFW is not installed and iptables provided by the OS is used, perform the following steps:
    1. Check whether the port is disabled.
      1
      iptables -L -n | grep 8086
      • If no command output is displayed, the port is not disabled. Skip the following steps.
      • If a command output is displayed, the port is disabled. Go to 2.
    2. If the port is disabled, run the following command to enable it:
      iptables -D INPUT -p tcp --dport 8086 -j DROP

      INPUT indicates the action initiated by an external server and DROP indicates the restriction rule. Replace them as the actual ones.

Parent topic: Common Operations