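CentOS 7 firewall (reposted)
Stop the firewall: systemctl stop firewalld
Disable at boot: systemctl disable firewalld
Start the firewall: systemctl start firewalld
Enable at boot: systemctl enable firewalld
Configuring with firewall-cmd
Check the firewall state: firewall-cmd --state
List all open ports: firewall-cmd --zone=public --list-ports
Apply the configuration: firewall-cmd --reload (always run this command after making changes so that they take effect)
Show the rules currently in effect: firewall-cmd --list-all
Add multiple ports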
firewall-cmd --permanent --zone=public --add-port=8080-8090/tcp
Remove a port
firewall-cmd --permanent --zone=public --remove-port=8888/tcp
Allow an IP
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="192.168.88.1" accept'
Open a port for a specific IP
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="192.168.88.1" port protocol="tcp" port="333" accept'
Remove an IP
firewall-cmd --permanent --remove-rich-rule='rule family="ipv4" source address="192.168.88.1" accept'
Remove the port rule for an IP
firewall-cmd --permanent --remove-rich-rule='rule family="ipv4" source address="192.168.88.1" port protocol="tcp" port="9999" accept'
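The per-IP port rule above, as an added example that is not part of the original post: a rich rule has to reach firewall-cmd as a single argument with plain ASCII quotes, and a --permanent change only becomes active after --reload. The function names (valid_ipv4, valid_port, build_rich_rule, allow_ip_port) are hypothetical helpers, and the public zone is assumed.

```shell
# Added example (not from the original post). Helper names are hypothetical.

# Accept only a dotted-quad IPv4 address with each octet in 0-255.
valid_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; safe, input is digits and dots only
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Accept only a port number in 1-65535.
valid_port() {
    case $1 in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ ${#1} -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Print the rich rule text for: <ip> <port> [tcp|udp]
# Validating first keeps stray quotes or spaces out of the rule string.
build_rich_rule() {
    valid_ipv4 "$1" || { echo "bad IPv4 address: $1" >&2; return 1; }
    valid_port "$2" || { echo "bad port: $2" >&2; return 1; }
    case ${3:-tcp} in
        tcp|udp) ;;
        *) echo "bad protocol: $3" >&2; return 1 ;;
    esac
    printf 'rule family="ipv4" source address="%s" port protocol="%s" port="%s" accept\n' \
        "$1" "${3:-tcp}" "$2"
}

# Add the rule permanently, reload, then confirm it is active at runtime.
allow_ip_port() {
    rule=$(build_rich_rule "$@") || return 1
    firewall-cmd --permanent --zone=public --add-rich-rule="$rule" || return 1
    firewall-cmd --reload || return 1
    firewall-cmd --zone=public --query-rich-rule="$rule"   # prints yes or no
}

# Usage on a CentOS 7 host, as root: allow_ip_port 192.168.88.1 333 tcp
```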