iptables is a piece of software, it works with netfilter (kernel space) to form our firewall.
The specific location of netfilter is under /lib/moudles/your kernel/kernel/net:
there is also netfilter related information under the bridge folder.
firewalls is an encapsulation of iptables, which is simpler to operate and applies to centos7.
Open firewalld can try some simple commands:
deny all packets
After executing this command, we found that we could not receive any messages through the external ssh port,
and ping this address could not ping:
We then turn on all data packets with the following command:
You can ping