Centos7 has firewalld installed by default. If it is not installed, you can use yum install firewalld firewalld-config to install it
1. Start the firewall
systemctl start firewalld
2. Disable the firewall
systemctl stop firewalld
3. Set boot up
systemctl enable firewalld
4. Stop and disable startup on boot
sytemctl disable firewalld
5. Restart the firewall
firewall-cmd --reload
6. Check the status
systemctl status firewalld或者 firewall-cmd --state
7. View version
firewall-cmd --version
8. View Help
firewall-cmd --help
9. View regional information
firewall-cmd --get-active-zones
10. View the information about the area to which the specified interface belongs
firewall-cmd --get-zone-of-interface=eth0
11. Reject all packages
firewall-cmd --panic-on
12. Cancel Reject Status
firewall-cmd --panic-off
13. See if it is rejected
firewall-cmd --query-panic
14. Add the interface to the zone (the default interface is public)
firewall-cmd --zone=public --add-interface=eth0(永久生效再加上 --permanent 然后reload防火墙)
15. Set the default interface area
firewall-cmd --set-default-zone=public(立即生效,无需重启)
16. Update firewall rules
firewall-cmd --reload或firewall-cmd --complete-reload(两者的区别就是第一个无需断开连接,就是firewalld特性之一动态
添加规则,第二个需要断开连接,类似重启服务)
17. View all open ports in the specified area
firewall-cmd --zone=public --list-ports
18. Open the port in the designated area (remember to restart the firewall)
firewall-cmd --zone=public --add-port=80/tcp(永久生效再加上 --permanent)
Description:
–zone scope
–add-port=8080/tcp Add port, the format is: port/communication protocol
–permanent #Permanent effect, invalid after restart without this parameter