开机启动的开启与禁止
# 开机启动
systemctl enable firewalld
# 不开机启动
systemctl disable firewalld
基本操作
# 查看状态
systemctl status firewalld
systemctl start firewalld
systemctl stop firewalld
systemctl restart firewalld
服务、端口的添加与删除
# 添加服务,其实就是开启22端口
firewalld-cmd --permanent --add-service=ssh
# 添加端口
firewalld-cmd --permanent --add-port=1234/tcp
# 删除服务
firewalld-cmd --permanent --remove-service=ssh
# 删除端口
firewalld-cmd --permanent --remove-port=1234/tcp
使操作生效
firewall-cmd --reload
查看被firewalld允许的服务
firewall-cmd --permanent --list-all
端口转发
# 将80端口转发至8080
firewall-cmd --add-forward-port=port=80:proto=tcp:toport=8080
# 将80端口转发至192.168.0.1
firewall-cmd --add-forward-port=port=80:proto=tcp:toaddr=192.168.0.1
# 将80端口的流量转发至192.168.0.1的8080端口
firewall-cmd --add-forward-port=port=80:proto=tcp:toaddr=192.168.0.1:toport=8080
# 删除端口转发
firewall-cmd --remove-forward-port=port=80:proto=tcp:toaddr=192.168.0.1