There are two ways to configure a firewall on CentOS7:
1. Use the xml configuration file to configure;
method one
cp /usr/lib/firewalld/services/http.xml /etc/firewalld/services/
firewall-cmd --reload
firewall-cmd --reload
2. Configuration using commands;
Method Two
##Add
firewall-cmd --permanent --zone=public --add-port=80/tcp
##Remove
firewall-cmd --permanent --zone=public --remove-port=80/tcp
##Reload
firewall-cmd --reload
firewall-cmd --permanent --zone=public --add-port=80/tcp
##Remove
firewall-cmd --permanent --zone=public --remove-port=80/tcp
##Reload
firewall-cmd --reload
Among them, the configuration method of method 2 is to indirectly modify the /etc/firewalld/zones/public.xml file, and scheme 1 also needs to add <service name="http"/> in public.xml, otherwise the firewall rules of http will not be Take effect , and both configuration methods need to reload the firewall.
Attached:
View firewall status
systemctl status firewalld.service
enable firewall
systemctl start firewalld.service
turn off firewall
systemctl stop firewalld.service
restart firewall
systemctl restart firewalld.service
From: http://www.myexception.cn/operating-system/1805212.html