Firewall startup: commands

1. Start the firewalld service

systemctl start firewalld.service

2. Stop the firewalld service

systemctl stop firewalld.service

3. Restart the firewalld service

systemctl restart firewalld.service

4. Check the firewalld status

systemctl status firewalld.service

5. Start firewalld automatically at boot

systemctl enable firewalld

6. Show the version

firewall-cmd --version

7. Show help

firewall-cmd --help

8. Display the state

firewall-cmd --state

9. View all current rules

firewall-cmd --list-all

10. View all open ports

firewall-cmd --zone=public --list-ports

11. Update the firewall rules

firewall-cmd --reload

12. Add an open port

firewall-cmd --zone=public --add-port=80/tcp --permanent (--permanent makes the rule persistent; without this option the rule is lost after a restart)

13. Check whether a port is open

firewall-cmd --zone=public --query-port=80/tcp

14. Remove an open port

firewall-cmd --zone=public --remove-port=80/tcp --permanent

15. Open a range of TCP ports in one command

firewall-cmd --permanent --add-port=8080-8080/tcp

16. Allow access from an IP address

firewall-cmd --permanent --add-source=IP

17. Allow access from an entire source IP range

firewall-cmd --permanent --add-source=IP/22

18. Remove access for an IP address

firewall-cmd --permanent --remove-source=IP

19. Allow a specified IP to access port 80 on this host

firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="IP" port protocol="tcp" port="80" accept'

20. Deny a specified IP access to port 80 on this host

firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="IP" port protocol="tcp" port="80" reject'

21. Remove the rule for a specified IP accessing port 80 on this host

firewall-cmd --permanent --remove-rich-rule='rule family="ipv4" source address="IP" port protocol="tcp" por
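
Items 11 and 12 separate the running rule set from the permanent one: a port added without --permanent disappears on reload or reboot, and a port added with --permanent is not active until firewall-cmd --reload. The script below is an added example, not part of the original post, that compares the two port lists for a zone and reports any mismatch; the function names only_in, port_drift and check_zone are assumptions of this example.

```shell
#!/bin/sh
# Added example: compare firewalld's runtime and permanent port lists.

# Print the entries of list $1 that are absent from list $2.
# Both lists are space-separated, e.g. "80/tcp 443/tcp".
only_in() {
    _out=""
    for _item in $1; do
        case " $2 " in
            *" $_item "*) ;;                    # present in both lists
            *) _out="${_out:+$_out }$_item" ;;  # present only in $1
        esac
    done
    printf '%s' "$_out"
}

# port_drift RUNTIME PERMANENT: print one line per kind of mismatch.
# Returns 0 when both lists hold the same ports, 1 otherwise.
port_drift() {
    _rc=0
    _lost=$(only_in "$1" "$2")
    _pending=$(only_in "$2" "$1")
    if [ -n "$_lost" ]; then
        echo "runtime-only (lost on reload/reboot): $_lost"
        _rc=1
    fi
    if [ -n "$_pending" ]; then
        echo "permanent-only (needs firewall-cmd --reload): $_pending"
        _rc=1
    fi
    return "$_rc"
}

# Query a live firewalld for one zone (default: public, as on this page).
check_zone() {
    _zone="${1:-public}"
    port_drift "$(firewall-cmd --zone="$_zone" --list-ports)" \
               "$(firewall-cmd --permanent --zone="$_zone" --list-ports)"
}

# Only touch the firewall when firewalld is installed and running.
if command -v firewall-cmd >/dev/null 2>&1 && firewall-cmd --state >/dev/null 2>&1; then
    check_zone public
fi
```

A non-zero exit status means the two lists differ, so the script can run after a change window to catch ports that were opened for testing and never removed or never made permanent.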
 


Reposted from blog.csdn.net/weixin_59539033/article/details/127687597