As per the old rules, don’t say much and just go straight to the code!
firewall-cmd --zone=public --add-port=3306/tcp --permanent
firewall-cmd --reload
This is the open port command (because it is used when installing the MySQL database, so 3306 is written directly here. When you use it, just change it to your own port!), the specific meaning of the command: by operating the firewall, Open port 3306 to the public area and take effect permanently. After opening the port, you need to reload the firewall configuration to take effect.
firewall-cmd --zone=public --remove-port=3306/tcp --permanent
firewall-cmd --reload
This is a port closing command. Similarly, the firewall configuration also needs to be reloaded (firewall-cmd --reload).
firewall-cmd: Firewall operation command.
--zone=public: Open port to public zone.
--remove-port=3306/tcp: Specify the port number.
--permanent: Take effect permanently. Otherwise, it will shut down again after restarting.
Advanced section
systemctl start firewalld.service: Turn on the firewall.
systemctl status firewalld: View the status of the firewall. (from a system level)
systemctl stop firewalld: Turn off the firewall.
systemctl disable firewalld: disable the firewall from starting at boot.
firewall-cmd --state: View the status of the firewall. (from a firewall perspective)
firewall-cmd --list-ports: View open ports.
netstat -tanlp: List all processes occupying ports. (Including port number, pid, process name)
netstat -apn | grep 3306: Query the specified port number.