1、查看firewall服务状态
[root@CentOS7_1 ~]# systemctl status firewalld ● firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled) Active: active (running) since 二 2020-07-28 16:53:16 CST; 2min 55s ago Docs: man:firewalld(1)
2、查看firewall的状态
[root@CentOS7_1 ~]# firewall-cmd --state running
3、开启、重启、关闭 firewalld.service 服务
# 开启 service firewalld start # 重启 service firewalld restart # 关闭 service firewalld stop
4、查看防火墙规则
[root@CentOS7_1 ~]# firewall-cmd --list-all public (active) target: default icmp-block-inversion: no interfaces: enp0s3 sources: services: dhcpv6-client ssh ports: 80/tcp protocols: masquerade: no forward-ports: source-ports: icmp-blocks: rich rules:
5、查询、开放、关闭端口
# 查询端口是否开放 firewall-cmd --query-port=8080/tcp firewall-cmd --query-port=8888/tcp # 开放80端口 firewall-cmd --permanent --add-port=80/tcp firewall-cmd --permanent --add-port=8888/tcp firewall-cmd --permanent --add-port=888/tcp firewall-cmd --permanent --add-port=63306/tcp # 移除端口 firewall-cmd --permanent --remove-port=8080/tcp # 重启防火墙(修改配置后要重启防火墙) firewall-cmd --reload # 参数解释 1、firwall-cmd:是Linux提供的操作firewall的一个工具; 2、--permanent:表示设置为持久; 3、--add-port:标识添加的端口;