1. Basic use of firewalld
Start : systemctl start firewalld
Check status: systemctl status firewalld
Stop: systemctl disable firewalld
Disable: systemctl stop firewalld
2.systemctl is the main tool in the service management tool of CentOS7, which integrates the functions of the previous service and chkconfig.
Start a service: systemctl start firewalld.service
Stop a service: systemctl stop firewalld.service
Restart a service: systemctl restart firewalld.service
Display the status of a service: systemctl status firewalld.service
Enable a service at boot: systemctl enable firewalld.service
Disable a service at boot time: systemctl disable firewalld.service
Check whether the service starts at boot: systemctl is-enabled firewalld.service
Check the list of started services: systemctl list-unit-files|grep enabled
Check the list of services that failed to start: systemctl – failed
3. Configure firewalld-cmd
View version: firewall-cmd –version
View help: firewall-cmd –help
Show status: firewall-cmd –state
View all open ports: firewall-cmd –zone=public –list-ports
Update firewall rules: firewall-cmd –reload
View zone information: firewall-cmd –get-active-zones
View the zone to which the specified interface belongs: firewall-cmd –get-zone-of-interface=eth0
Deny all packets: firewall-cmd –panic-on
Cancel the rejection status: firewall-cmd --panic-off
to see if it is rejected: firewall-cmd --query-panic
Then how to open a port?
Add
firewall-cmd –zone=public –add-port=80/tcp –permanent (-permanent takes effect permanently, it will fail after restart without this parameter)
Reload
firewall-cmd –reload to
view
firewall-cmd – zone= public --query-port=80/tcp
remove
firewall-cmd --zone= public --remove-port=80/tcp --permanent