1. Basic use of firewalld
Start: systemctl start firewalld
Check the status: systemctl status firewalld
Stop: systemctl stop firewalld
Disable: systemctl disable firewalld
2. systemctl is the main service management tool in CentOS 7; it combines the functions of the earlier service and chkconfig commands.
Start a service: systemctl start firewalld.service
Stop a service: systemctl stop firewalld.service
Restart a service: systemctl restart firewalld.service
Display the status of a service: systemctl status firewalld.service
Enable a service at boot: systemctl enable firewalld.service
Disable a service at boot time: systemctl disable firewalld.service
Check whether the service starts at boot: systemctl is-enabled firewalld.service
List the services enabled at boot: systemctl list-unit-files | grep enabled
List the services that failed to start: systemctl --failed
3. Configure firewalld with firewall-cmd
Check the version: firewall-cmd --version
See help: firewall-cmd --help
Show status: firewall-cmd --state
View all open ports: firewall-cmd --zone=public --list-ports
Update firewall rules: firewall-cmd --reload
View zone information: firewall-cmd --get-active-zones
View the zone to which the specified interface belongs: firewall-cmd --get-zone-of-interface=eth0
Deny all packets (panic mode): firewall-cmd --panic-on
Turn panic mode off: firewall-cmd --panic-off
Check whether panic mode is on: firewall-cmd --query-panic
How to open a port
Add: firewall-cmd --zone=public --add-port=80/tcp --permanent (--permanent makes the rule persistent; without this parameter the rule is lost after a restart)
Reload: firewall-cmd --reload
Check: firewall-cmd --zone=public --query-port=80/tcp
Delete: firewall-cmd --zone=public --remove-port=80/tcp --permanent
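
Because a port added without --permanent disappears after a restart, and one added with --permanent is not active until --reload, the runtime and permanent port lists can drift apart. The script below is an added example, not part of the original cheat sheet: it compares the two lists for the public zone and reports each mismatch. The function name port_drift and the sample values are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: compare runtime and permanent port lists for one zone.
# Inputs are the space-separated outputs of:
#   firewall-cmd --zone=public --list-ports
#   firewall-cmd --permanent --zone=public --list-ports

# port_drift RUNTIME PERMANENT  (hypothetical helper name)
# Prints one line per mismatch:
#   runtime-only <port>    open now, lost on reload or restart
#   permanent-only <port>  saved, not active until --reload
port_drift() {
    runtime=$1
    permanent=$2
    for p in $runtime; do
        case " $permanent " in
            *" $p "*) ;;                      # present in both lists
            *) echo "runtime-only $p" ;;
        esac
    done
    for p in $permanent; do
        case " $runtime " in
            *" $p "*) ;;                      # present in both lists
            *) echo "permanent-only $p" ;;
        esac
    done
}

# Constructed sample values (not captured from a real host).
sample_runtime="80/tcp 8080/tcp"
sample_permanent="80/tcp 443/tcp"

# Use live data when firewalld is running; otherwise fall back to the sample.
if command -v firewall-cmd >/dev/null 2>&1 && firewall-cmd --state >/dev/null 2>&1; then
    port_drift "$(firewall-cmd --zone=public --list-ports)" \
               "$(firewall-cmd --permanent --zone=public --list-ports)"
else
    port_drift "$sample_runtime" "$sample_permanent"
fi
```

A runtime-only entry is worth reviewing before the next reload: it is either a temporary opening that should be removed or a rule that someone forgot to make permanent.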