发表于 2013-10-7 16:55:33
Most notes on the Oracle MOS support site suggest disabling the firewall supplied in most Linux distros as managed by the iptables program. I think this is a bit drastic, and results in lazy thinking at best, and an exposed database server subject to all sorts of hacker invasion at worst.
If you don’t want to understand every nuance of Linux firewalls, but do want to at least not completely disable it, the easiest fix is to add a simple rule to your iptables configuration on each server in the cluster.
As root:
vi /etc/sysconfig/iptables
add the following line before any REJECT rules, changing eth1 to whatever your private interface is
-A RH-Firewall-1-INPUT -p udp -i eth1 -j ACCEPT
Restart the firewall
service iptables restart iptables -nvL
You should see a line with increasing packet activity for the UDP protocol on your private network interface.
This leaves all other firewall rules in place, and allows only UDP traffic on the private interface.
QQ好友和群
QQ空间
腾讯微博
腾讯朋友
收藏
支持
反对