1.Centos7 firewall相关指令
查看防火墙状态
1
systemctl status firewalld
开启防火墙
1
systemctl start firewalld
关闭防火墙
1
systemctl stop firewalld
关闭开机启动防火墙
1
systemctl disable firewalld
开机启动防火墙
1
systemctl enable firewalld
2.Centos6 iptables使用
查看防火墙状态
1
service iptables status
临时关闭防护墙
1
service iptables stop
永久关闭防护墙
1
chkconfig iptables off
开启防护墙
1
service iptables start
3.使用firewall-cmd命令
查看防火墙状态
1
firewall-cmd --state #running 表示运行
重新加载防火墙配置
1
firewall-cmd --reload
开启端口
1
2
3firewall-cmd --permanent --zone=public --add-port=8080/tcp #永久开启8080
firewall-cmd --zone=public --add-port=8080/tcp #临时开启8080
firewall-cmd --zone=public --add-port=8080-8081/tcp #临时开启8080-8081删除端口
1
firewall-cmd --permanent --zone=public --remove-port=8080/tcp
针对某个IP开放端口
1
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="192.168.142.166" port protocol="tcp" port="6379" accept"
删除针对某个IP开发端口
1
firewall-cmd --permanent --remove-rich-rule="rule family="ipv4" source address="192.168.1.51" accept"
针对一个Ip端访问
1
2firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="192.168.0.0/16" accept"
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="192.168.1.0/24" port protocol="tcp" port="9200" accept"查看防火墙所有打开的端口
firewall-cmd --zone=public --list-ports
