Using the firewall in CentOS 8

Firewalld and iptables in CentOS

Versions before CentOS 7 use the iptables service by default to manage firewall rules. CentOS 7 and later use the firewalld service to manage the firewall by default. So in CentOS 8, use its default firewalld to configure the firewall.

firewalld related commands

Process and state

systemctl start firewalld.service    # start the firewall

systemctl stop firewalld.service     # stop the firewall

systemctl status firewalld.service   # show the firewall status

systemctl enable firewalld.service   # start the firewall at system boot

systemctl disable firewalld.service  # do not start the firewall at system boot


firewall-cmd --state           # show the firewall state

firewall-cmd --reload          # reload the firewall rules

firewall-cmd --list-ports      # list all open ports

firewall-cmd --list-services   # list all allowed services

firewall-cmd --get-services    # list all supported services

Zone related

firewall-cmd --list-all-zones            # show information for all zones
firewall-cmd --get-active-zones          # show the active zones
firewall-cmd --set-default-zone=public   # set public as the default zone
firewall-cmd --get-default-zone          # show the default zone

Interface related

firewall-cmd --zone=public --add-interface=eth0      # add interface eth0 to the public zone

firewall-cmd --zone=public --remove-interface=eth0   # remove interface eth0 from the public zone

firewall-cmd --zone=default --change-interface=eth0  # change the zone of interface eth0 to default

firewall-cmd --get-zone-of-interface=eth0            # show the zone interface eth0 belongs to

Port related

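firewall-cmd --query-port=8080/tcp    # query whether the port is open

firewall-cmd --add-port=8080/tcp --permanent  # permanently add an exception for port 8080 (global, i.e. the default zone)

firewall-cmd --remove-port=8080/tcp --permanent  # permanently remove the exception for port 8080 (global, i.e. the default zone)

firewall-cmd --add-port=65001-65010/tcp --permanent  # permanently add an exception for ports 65001-65010 (global, i.e. the default zone)

firewall-cmd --zone=public --add-port=8080/tcp --permanent  # permanently add an exception for port 8080 (public zone)

firewall-cmd --zone=public --remove-port=8080/tcp --permanent  # permanently remove the exception for port 8080 (public zone)

firewall-cmd --zone=public --add-port=65001-65010/tcp --permanent  # permanently add an exception for ports 65001-65010 (public zone)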

Note

After adding or changing firewall rules, either run firewall-cmd --reload to update the firewall rules or restart the firewall; otherwise the rules will not take effect.

Most commonly used commands

firewall-cmd --zone=public --add-port=8080/tcp --permanent

Command parsing

firewall-cmd: the command-line tool Linux provides for operating the firewall (the firewalld service).
--zone: the zone (scope) the rule applies to.
--add-port=8080/tcp: adds a port, in the format port/protocol; --add-port adds the port and --remove-port removes it.
--permanent: makes the rule permanent; without this parameter the rule is lost after a restart.
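
The note on reloading and the --permanent explanation above describe two separate rule sets, the running one and the saved one. The script below is an added example, not part of the original post: it compares the two port lists for the public zone and reports entries present in only one of them. The function names ports_only_in and port_drift are hypothetical, and the fallback port lists are constructed sample data used when firewalld is not running.

```shell
#!/bin/sh
# Added example: report drift between firewalld's runtime and permanent port lists.
# Entries are compared as exact strings (e.g. "8080/tcp" or "65001-65010/tcp");
# a single port covered by a range entry is not treated as a match.

# ports_only_in A B: print each entry of space-separated list A that is not in list B.
ports_only_in() {
    for p in $1; do
        case " $2 " in
            *" $p "*) ;;                 # present in both lists
            *) printf '%s\n' "$p" ;;     # present only in A
        esac
    done
}

# port_drift RUNTIME PERMANENT: print one labelled line per mismatch.
port_drift() {
    # Open now, but not saved: disappears on the next reload or restart.
    ports_only_in "$1" "$2" | sed 's/^/runtime-only (lost on restart): /'
    # Saved with --permanent, but not loaded yet: inactive until --reload.
    ports_only_in "$2" "$1" | sed 's/^/permanent-only (needs --reload): /'
}

if command -v firewall-cmd >/dev/null 2>&1 && firewall-cmd --state >/dev/null 2>&1; then
    # Live host: read both views of the public zone.
    runtime=$(firewall-cmd --zone=public --list-ports)
    permanent=$(firewall-cmd --permanent --zone=public --list-ports)
else
    # Constructed sample lists so the script also runs without firewalld.
    runtime="8080/tcp 9090/tcp"
    permanent="8080/tcp 65001-65010/tcp"
fi

port_drift "$runtime" "$permanent"
```

No output means the running firewall and the saved configuration agree for that zone.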

Origin blog.csdn.net/qq_27198345/article/details/112095819