0x00 Basic use of firewalld
# Start:
systemctl start firewalld
# View state:
systemctl status firewalld
# Stop:
systemctl stop firewalld
# Disable:
systemctl disable firewalld
0x01 systemctl is the main service management tool in CentOS 7; it combines the functions of the earlier service and chkconfig commands.
# Start a service:
systemctl start firewalld.service
# Shut down a service:
systemctl stop firewalld.service
# Restart a service:
systemctl restart firewalld.service
# Display the status of a service:
systemctl status firewalld.service
# Enable a service at boot:
systemctl enable firewalld.service
# Disable a service at boot:
systemctl disable firewalld.service
# Check whether a service is enabled at boot:
systemctl is-enabled firewalld.service
# View the list of enabled services:
systemctl list-unit-files | grep enabled
# View the list of services that failed to start:
systemctl --failed
0x02 Configuring firewalld with firewall-cmd
# View version:
firewall-cmd --version
# View help:
firewall-cmd --help
# Show status:
firewall-cmd --state
# View all open ports:
firewall-cmd --zone=public --list-ports
# Reload the firewall rules:
firewall-cmd --reload
# View zone information:
firewall-cmd --get-active-zones
# View the zone a given interface belongs to:
firewall-cmd --get-zone-of-interface=eth0
# Reject all packets:
firewall-cmd --panic-on
# Cancel the reject-all state:
firewall-cmd --panic-off
# Check whether all packets are being rejected:
firewall-cmd --query-panic
Adding a port
# firewall-cmd --zone=public --add-port=80/tcp --permanent
(--permanent makes the rule permanent; without this parameter the rule is lost after a restart)
Reload
# firewall-cmd --reload
View
# firewall-cmd --zone=public --query-port=80/tcp
Delete
# firewall-cmd --zone=public --remove-port=80/tcp --permanent
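Because a port added with --permanent is not active until the reload, and a port added without it disappears on the next reload or restart, the two port lists can drift apart. The following is an added example, not part of the original page: a shell function (the name port_drift and the sample port lists are constructed for illustration) that compares the runtime and permanent --list-ports output and reports ports present in only one of them.

```shell
#!/bin/sh
# port_drift RUNTIME PERMANENT
#   RUNTIME:   output of  firewall-cmd --zone=public --list-ports
#   PERMANENT: output of  firewall-cmd --permanent --zone=public --list-ports
# Prints one line per port found in only one of the two configurations:
#   runtime-only   P  -> open now, but gone after the next --reload or restart
#   permanent-only P  -> saved, but not active until firewall-cmd --reload
port_drift() {
    pd_runtime=" $(echo $1) "      # unquoted echo collapses whitespace
    pd_permanent=" $(echo $2) "
    for pd_p in $1; do
        case "$pd_permanent" in
            *" $pd_p "*) ;;                      # present in both
            *) echo "runtime-only $pd_p" ;;
        esac
    done
    for pd_p in $2; do
        case "$pd_runtime" in
            *" $pd_p "*) ;;                      # present in both
            *) echo "permanent-only $pd_p" ;;
        esac
    done
}

# Constructed sample: 8080/tcp was added without --permanent,
# 443/tcp was added with --permanent but no reload has happened yet.
port_drift "80/tcp 8080/tcp" "80/tcp 443/tcp"

# On a live host (as root), feed it the real lists instead:
#   port_drift "$(firewall-cmd --zone=public --list-ports)" \
#              "$(firewall-cmd --permanent --zone=public --list-ports)"
```

An empty result means the runtime and permanent port lists of the zone agree.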