标签:
查看防火墙的状态
# firewall-cmd --state
running
# systemctl stop firewalld //关闭防火墙服务
# systemctl start firewalld //开启防火墙服务
# firewall-cmd --list-all
public (default, active)
interfaces: eno16777736
sources:
services: dhcpv6-client ssh
ports:
masquerade: no
forward-ports:
icmp-blocks:
rich rules:
查看某服务是否开启
# firewall-cmd --query-service ftp
yes
# firewall-cmd --query-service ssh
yes
# firewall-cmd --query-service samba
no
# firewall-cmd --query-service http
no
开启关闭服务端口
暂时开放 ftp 服務
# firewall-cmd --add-service=ftp
永久开放 ftp 服務
# firewall-cmd --add-service=ftp --permanent
永久关闭
# firewall-cmd --remove-service=ftp --permanent
success
重启一下
# systemctl restart firewalld
检查设置是否生效
# iptables -L -n | grep 21
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 ctstate NEW
设置特殊端口开放
# firewall-cmd --add-port=3128/tcp
# firewall-cmd --list-all
public (default)
interfaces:
sources:
services: dhcpv6-client ftp ssh
ports: 3128/tcp
masquerade: no
forward-ports:
icmp-blocks:
rich rules:
标签:
原文地址:http://www.cnblogs.com/jjp816/p/4380025.html
