1. Basic commands
1) View firewall status
systemctl status firewalld
2) Start the firewall
systemctl start firewalld
3) Turn off the firewall
systemctl stop firewalld
4) Restart the firewall
systemctl restart firewalld
2. Open ports
1) Open port 3306
firewall-cmd --zone=public --add-port=3306/tcp --permanent
2) Reload the firewall settings to make the settings take effect
firewall-cmd --reload
3) You can check whether it takes effect through the following command
firewall-cmd --zone=public --query-port=3306/tcp
4) View all open ports of the system
firewall-cmd --zone=public --list-ports
3. Limit ports
1) Limit port 3306
firewall-cmd --zone=public --remove-port=3306/tcp --permanent
2) Reload the firewall settings to make the settings take effect
firewall-cmd --reload
4. Open or restrict ports in batches
1) Open ports in batches
For example, we need to open all the ports between 100 and 500
firewall-cmd --zone=public --add-port=100-500/tcp --permanent
2) Batch limit ports
firewall-cmd --zone=public --remove-port=100-500/tcp --permanent