因此,当我尝试设置 Postfix 以发送邮件时,我通过 ssh 进入了正在运行的实例。我正在遵循本教程:http://flurdy.com/docs/postfix/#ec2。我进入了 Shorewall 部分并按照所有说明操作。我想在我这样做的时候,我将自己锁在了 SSH 之外。
目前我想删除将我锁定在 ssh 之外的 Shorewall 防火墙。我该怎么做?
Shorewall 设置:
/etc/shorewall/interfaces
net eth0 detect dhcp,tcpflags,logmartians,nosmurfs
/etc/shorewall/zones
Add the firewall if not there and the internet as a zone.
fw firewall
# loc ipv4
net ipv4
/etc/shorewall/hosts
# loc eth0:192.168.0.0/24
/etc/shorewall/policy
$FW net ACCEPT
net $FW DROP info
net all DROP info
# The FOLLOWING POLICY MUST BE LAST
all all REJECT info
/etc/shorewall/routestopped
eth0 0.0.0.0 routeback
/etc/shorewall/rules
Ping/ACCEPT net $FW
# Permit all ICMP traffic FROM the firewall TO the net zone
ACCEPT $FW net icmp
# mail lines
SMTP/ACCEPT net $FW
SMTPS/ACCEPT net $FW
Submission/ACCEPT net $FW
IMAP/ACCEPT net $FW
IMAPS/ACCEPT net $FW
#web
Web/ACCEPT net $FW
答案1
解决此问题的正确方法是启动新实例并挂载旧目录。使用新实例挂载旧目录后,您应该能够撤消防火墙并将其从实例的启动中删除。然后重新启动旧实例,防火墙将不会启动。然后像平常一样 ssh 进入它。
这里有一个关于如何操作的很好的教程。 https://aws.amazon.com/articles/5213606968661598