Linux: view the firewall and open ports

1. Check the status of the firewall: active (running) means the firewall is running

systemctl status firewalld

2. If the active status is not displayed, start the firewall

systemctl start firewalld

3. View all open ports

# Temporarily open ports (runtime configuration)
firewall-cmd --list-ports
# Permanently open ports (permanent configuration)
firewall-cmd --list-ports --permanent

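4. Open a new firewall port

firewall-cmd --zone=public --add-port=3306/tcp --permanent

Meaning of the options:

--zone # the zone the rule applies to

--add-port=3306/tcp # add a port, in the format port/protocol

--permanent # takes effect permanently; without this option the rule is lost after a restart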

5. Close the firewall port

# Close temporarily
firewall-cmd --remove-port=80/tcp
# Close permanently
firewall-cmd --remove-port=80/tcp --permanent

6. After the configuration is complete, run the reload command and restart the firewall for the changes to take effect

# Reload
firewall-cmd --reload
# Restart
systemctl restart firewalld
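
The runtime and permanent port lists from steps 3 to 6 can drift apart when a port is added without --permanent or when a permanent change has not been reloaded. The script below is an added example, not part of the original post; port_drift, in_list and audit_zone are hypothetical helper names, and the sample port lists are constructed.

```shell
#!/bin/sh
# Added example: report ports that exist in only one of firewalld's two
# configurations (runtime vs. permanent). Helper names are hypothetical.

# in_list ITEM LIST: succeed if ITEM is a whole word in the space-separated LIST.
in_list() {
    case " $2 " in
        *" $1 "*) return 0 ;;
        *)        return 1 ;;
    esac
}

# port_drift RUNTIME PERMANENT
# RUNTIME   = output of: firewall-cmd --list-ports
# PERMANENT = output of: firewall-cmd --list-ports --permanent
# Prints "runtime-only PORT" or "permanent-only PORT" for each mismatch.
port_drift() {
    rt=$(echo $1)   # unquoted on purpose: collapses runs of whitespace
    pm=$(echo $2)
    for p in $rt; do
        in_list "$p" "$pm" || echo "runtime-only $p"
    done
    for p in $pm; do
        in_list "$p" "$rt" || echo "permanent-only $p"
    done
}

# audit_zone [ZONE]: run the comparison against the live firewall.
# Needs root and a running firewalld. Returns 1 on drift, 2 on error.
audit_zone() {
    az_zone=${1:-public}
    az_rt=$(firewall-cmd --zone="$az_zone" --list-ports) || return 2
    az_pm=$(firewall-cmd --permanent --zone="$az_zone" --list-ports) || return 2
    az_drift=$(port_drift "$az_rt" "$az_pm")
    if [ -n "$az_drift" ]; then
        echo "$az_drift"
        return 1
    fi
    echo "zone $az_zone: runtime and permanent port lists match"
}

# Constructed sample: 8080/tcp was added without --permanent,
# 443/tcp was added with --permanent but not yet reloaded.
port_drift "3306/tcp 8080/tcp" "3306/tcp 443/tcp"
```

On a host running firewalld, call audit_zone public as root. A runtime-only port disappears at the next reload or restart, and a permanent-only port is not active until then.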

7. Basic firewalld commands

# Start
systemctl start firewalld

# Stop
systemctl stop firewalld

# Check status
systemctl status firewalld

# Disable at boot
systemctl disable firewalld

# Enable at boot
systemctl enable firewalld

8. firewall-cmd configuration commands

# Show the version
firewall-cmd --version
# Show help
firewall-cmd --help
# Show the state
firewall-cmd --state
# List all open ports
firewall-cmd --zone=public --list-ports
# Reload the firewall rules
firewall-cmd --reload
# Show zone information
firewall-cmd --get-active-zones
# Show the zone a given interface belongs to
firewall-cmd --get-zone-of-interface=eth0
# Reject all packets
firewall-cmd --panic-on
# Turn off the reject-all state
firewall-cmd --panic-off
# Check whether reject-all is on
firewall-cmd --query-panic
# Check whether a given port is open
firewall-cmd --query-port=3306/tcp
# Remove a given port
firewall-cmd --permanent --remove-port=3306/tcp

9. Related systemctl commands

# Start a service
systemctl start firewalld.service

# Stop a service
systemctl stop firewalld.service

# Restart a service
systemctl restart firewalld.service

# Show the status of a service
systemctl status firewalld.service

# Enable a service at boot
systemctl enable firewalld.service

# Disable a service at boot
systemctl disable firewalld.service

# Check whether a service starts at boot
systemctl is-enabled firewalld.service

# List services enabled at boot
systemctl list-unit-files | grep enabled

# List services that failed to start
systemctl --failed

10. Check the port number

# View all current TCP ports
netstat -ntlp

# View all usage of port 3306
netstat -ntulp | grep 3306

11. If the firewall cannot be started

First run: systemctl unmask firewalld.service
Then run: systemctl start firewalld.service

Origin blog.csdn.net/askuld/article/details/130617107