systemctl status firewalldCheck firewall status
systemctl stop firewalldStop firewall
systemctl disable firewalldDisable firewall
systemctl start firewalldStart firewall
systemctl is a service management tool command introduced from centos7.x, which combines the functions of the previous service and chkconfig.
Before version 7 or the minimal version of systemclt is not installed, you can use service to control the firewall.
service iptables statusView the firewall status.
service iptables stopTemporarily turn off the firewall.
service iptables startStart the firewall.
service iptables restartRestart the firewall.
chkconfig iptables offPermanently turn
chkconfig iptables onoff the firewall.
There are several types of firewalls coexisting in CentOS 7: firewalld, iptables, ebtables. The default is to use firewalld to manage the netfilter subsystem, but the underlying commands are still iptables and so on.
Compared with iptables, firewalld has the downside that each service needs to be set to allow it, because the default is to deny it. The default in iptables is that each service is allowed, and only those that need to be denied are restricted.