本文命令都是基于CentOS7系统
一、防火墙相关命令
- 临时关闭防火墙
[root@localhost ~]# systemctl stop firewalld
- 禁止防火墙开机启动
[root@localhost ~]# systemctl disable firewalld
- 开启防火墙
[root@localhost ~]# systemctl start firewalld
- 查看防火墙状态
[root@localhost ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since 五 2019-01-04 10:47:18 CST; 53s ago
Docs: man:firewalld(1)
Main PID: 1738 (firewalld)
CGroup: /system.slice/firewalld.service
└─1738 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid
1月 04 10:47:17 localhost.localdomain systemd[1]: Starting firewalld - dynamic firewall daemon...
1月 04 10:47:18 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon.
[root@localhost ~]#
- 重启防火墙
[root@localhost ~]# systemctl restart firewalld
二、开放端口相关命令
- 查看已经开放的端口
[root@localhost ~]# firewall-cmd --zone=public --list-ports
- 查看某个端口是否开放
[root@localhost ~]# firewall-cmd --zone=public --query-port=80/tcp
yes
- 开放端口
[root@localhost ~]# firewall-cmd --zone=public --add-port=80/tcp --permanent
参数解释:
1. --zone:作用域
2. --add-port=80/tcp:添加端口,格式为:端口号/通讯协议
3. --permanent:永久生效,没有此参数重启失效
- 移除开放端口
[root@localhost ~]# firewall-cmd --zone=public --remove-port=80/tcp --permanent
网友评论