One, stop and open the firewall
systemctl stop firewalld.service
#Stop systemctl disable firewalld.service #Prohibit start-up
systemctl restart iptables.service
#Open systemctl enable iptables.service #Start-up
command
firewall-cmd --zone=public --add-port=80/tcp --permanent (--permanent takes effect permanently, and it becomes invalid after restart without this parameter)
Reload
firewall-cmd --reload
Restart a service:
systemctl restart firewalld.service
1. View the opened ports# netstat -anp
2. Check whether the port you want to open is open # firewall-cmd --query-port=666/tcp If this prompts FirewallD is not running, it means that the firewall is unknown and needs to check the status and open the firewall
3. View the firewall status# systemctl status firewalld running status means that the firewall has been turned on.
4. Turn on the firewall, # systemctl start firewalld opens successfully without any prompt
5. Turn on the firewall# service firewalld start Turn off the firewall# systemctl stop firewalld centos7.3 The above method may not be turned on, you can first #systemctl unmask firewalld.service and then # systemctl start firewalld.service 6. Check whether the port you want to open is open# firewall -cmd --query-port=666/tcp prompt no means not open
7. Open the permanent port number firewall-cmd --add-port=666/tcp --permanent prompt success means success
8. Reload configuration # firewall-cmd --reload For example, after adding rules, you need to execute this command
9. Check again whether the port you want to open is open # firewall-cmd --query-port=666/tcp prompt yes to indicate success
10. If you remove the port# firewall-cmd --permanent --remove-port=666/tcp
11. Modify iptables Some versions need to install iptables-services # yum install iptables-services and then modify into the directory /etc/sysconfig/iptables to modify the content