1.firewall防火墙状态查看
firewall-cmd --state
[root@localhost qjy]# firewall-cmd --state
running
2.firewall防火墙关闭
注意:是关闭firewalld.service,
systemctl stop firewalld.service
[root@localhost qjy]# systemctl stop firewalld.service
[root@localhost qjy]# firewall-cmd --state
not running
3.firewall防火墙开启
systemctl start firewalld.service
[root@localhost qjy]# systemctl start firewalld.service
[root@localhost qjy]# firewall-cmd --state
running
4.firewall防火墙开机自启开启
systemctl enable firewalld.service
[root@localhost qjy]# systemctl enable firewalld.service
Created symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service → /usr/lib/systemd/system/firewalld.service.
Created symlink /etc/systemd/system/multi-user.target.wants/firewalld.service → /usr/lib/systemd/system/firewalld.service.
5.firewall防火墙开机关闭
systemctl disable firewalld.service
[root@localhost qjy]# systemctl disable firewalld.service
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
CentOS7使用的是firewall防火墙,不再是原来的iptables
1:查看firewall防火墙状态
firewall-cmd --state
或者
systemctl status firewalld
2:打开防火墙
systemctl start firewalld
3:关闭防火墙
systemctl stop firewalld
4:重启防火墙
firewall-cmd --relaod
或者
systemctl reload firewalld
5:开机自启动防火墙
systemctl enable firewalld
6:禁止开机启动防火墙
systemctl disable firewalld
6:查看已打开的端口
firewall-cmd --list-ports
7:打开端口
firewall-cmd --permanent --zone=public --add-port=8080/tcp
其中permanent表示永久生效,public表示作用域,8080/tcp表示端口和类型
8:关闭端口
firewall-cmd --permanent --zone=public --remove-port=8080/tcp
9:防火墙重载
添加端口或者删除端口之后用这个命令重载才会生效
firewall-cmd --reload
网友评论