Author: Empty mountain Charon
Source: CSDN
Original: https://blog.csdn.net/weiyangdong/article/details/79540217
Copyright: This article is a blogger original article, reproduced, please attach Bowen link!
In Centos 7 or Fedora or RHEL 7 firewall managed by firewalld, instead of iptables.
A, firewalld firewall
Command syntax is as follows: to enable regional port and protocol combinations
firewall-cmd [--zone=<zone>] --add-port=<port>[-<port>]/<protocol> [--timeout=<seconds>]
This will enable the combination of port and protocol.
Port may be a single port or a port range -.
Protocol can be tcp or udp.
View firewalld state
systemctl status firewalld
Open firewalld
systemctl start firewalld
Open ports
// --permanent 永久生效,没有此参数重启后失效
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --zone=public --add-port=1000-2000/tcp --permanent
Reload
firewall-cmd --reload
View
firewall-cmd --zone=public --query-port=80/tcp
delete
firewall-cmd --zone=public --remove-port=80/tcp --permanent
Two, iptables firewall
You can also restore traditional management approach using iptables
systemctl stop firewalld
systemctl mask firewalld
Install iptables-services
yum install iptables-services
Set boot
systemctl enable iptables
Operation Command
systemctl stop iptables
systemctl start iptables
systemctl restart iptables
systemctl reload iptables
Save Settings
service iptables save
Add open a port in / etc / sysconfig / iptables Lane
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT
