systemctl status firewalld
Check firewall status
systemctl stop firewalld
Stop firewall
systemctl disable firewalld
Disable firewall
systemctl start firewalld
Start firewall
systemctl is a service management tool command introduced from centos7.x, which combines the functions of the previous service and chkconfig.
Before version 7 or the minimal version of systemclt is not installed, you can use service to control the firewall.
service iptables status
View the firewall status.
service iptables stop
Temporarily turn off the firewall.
service iptables start
Start the firewall.
service iptables restart
Restart the firewall.
chkconfig iptables off
Permanently turn
chkconfig iptables on
off the firewall.
There are several types of firewalls coexisting in CentOS 7: firewalld, iptables, ebtables. The default is to use firewalld to manage the netfilter subsystem, but the underlying commands are still iptables and so on.
Compared with iptables, firewalld has the downside that each service needs to be set to allow it, because the default is to deny it. The default in iptables is that each service is allowed, and only those that need to be denied are restricted.