firewall服务器启动、停止
- 启动
systemctl start firewalld
- 关闭
systemctl stop firewalld
- 查看状态
systemctl status firewalld
- 开机启动配置
systemctl enable firewalld
- 开机启动关闭
systemctl disable firewalld
firewall策略配置:firewalld-cmd
- 重载配置规则
firewall-cmd --reload
- 查看配置规则
firewall-cmd --list-rich-rules
- 获取默认控制设置
firewall-cmd --get-default-zone
- 设置默认空间
firewall-cmd --set-default-zone=public
- 设置规则,设置完成后需要reload
###########设置规则###########
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="IP地址" accept"
# 开启端口
firewall-cmd --permanent --add-port=80/tcp
###########移除规则###########
firewall-cmd --remove-rich-rule "rule family="ipv4" source address="IP地址" accept"
# 移除端口
firewall-cmd --permanent --remove-port=80/tcp
# 拒绝所有ip流量
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="0.0.0.0" reject"
- 查看所有打开的端口
firewall-cmd --zone=public --list-ports
- 显示帮助
firewall-cmd --help