Centos 7之Firewalld相关命令详细介绍
引言:Centos 7是目前非常流行的Linux发行版本,本文将重点介绍如何来使用firewalld相关命令启动服务以及添加服务或者端口等操作。
1. 查看firewall服务状态
>> systemctl status firewalld
[root@flybird ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: inactive (dead)
显示当前的firewall并未启动
2. 启动/关闭firewall
>> systemctl start/stop firewalld
[root@flybird ~]# firewall-cmd --query-port=5000/tcp
no
[root@flybird ~]# firewall-cmd --add-port=5000/tcp --permanent
success
3. 禁用或者启用firewall
>> systemctl disable/enable firewalld
4. 查看端口是否开放
>>> firewall-cmd --query-port=8020/tcp
5. 新增开发端口
>> firewall-cmd --add-port=5000/tcp --permanent
[root@flybird ~]# firewall-cmd --query-port=5000/tcp
no
[root@flybird ~]# firewall-cmd --add-port=5000/tcp --permanent
success
6. 关于服务
>> firewall-cmd --add-service=ftp --permanent
>> firewall-cmd --remove-service=ftp --permanent
7. 查看firewall状态
>> firewall-cmd --status
>> systemctl status firewalld
8. 查看 firewall目前开放的内容
>> firewall-cmd --list-all
[root@flybird ~]# firewall-cmd --list-all
public (default)
interfaces:
sources:
services: dhcpv6-client http ssh
ports: 443/tcp80/tcp3306/tcp6739/tcp10051/tcp10050/tcp
masquerade: no
forward-ports:
icmp-blocks:
rich rules:
9. 查看开发的端口
>> firewall-cmd --list-port
10. 查看firewall-cmd命令的使用说明
>> firewall-cmd --help
13.重启防火墙
[root@localhost~]# systemctl restart firewalld.service
1
大功告成!
14 添加端口,以8080为例
[root@localhost ~]# firewall-cmd --permanent --zone=public --add-port=8080/tcpsuccess
命令含义:
–zone #作用域
–add-port=8080/tcp #添加端口,格式为:端口/通讯协议
–permanent #永久生效,没有此参数重启后失效
网友评论