CentOS firewall practical operation

When the firewall is running, the system blocks access from outside.
If a service needs to be reachable from outside and you simply turn off the firewall, you lose its protection.
Each service has its own port number, so with the firewall running you can expose a specific service to the outside by opening its port.

The firewall is managed with the firewall-cmd command; --zone=public is the zone the rule applies to, and port 8080 is used as an example.
CentOS 7 starts the firewall by default, and it is controlled with the commands below (the commands in parentheses are the CentOS 6 forms, which also apply to CentOS 7).

1. Start the firewall temporarily: systemctl start firewalld (service firewalld start)
   Restart the firewall: systemctl restart firewalld (service firewalld restart)
   Start the firewall at boot: systemctl enable firewalld (chkconfig iptables on)
2. Stop the firewall temporarily: systemctl stop firewalld (service firewalld stop)
   Do not start the firewall at boot: systemctl disable firewalld (chkconfig iptables off)


3. Open a port: firewall-cmd --zone=public --add-port=8080/tcp (add --permanent to keep the port open across reboots, i.e. permanently)
   Add and open a new port: iptables -I INPUT -p tcp --dport 8080 -j ACCEPT
4. Remove a port: firewall-cmd --zone=public --remove-port=8080/tcp --permanent
5. View the status of the firewall: firewall-cmd --state
6. Reload the firewall (refresh): firewall-cmd --reload
7. See which ports are open: firewall-cmd --permanent --zone=public --list-ports
8. See which services the machine has opened: firewall-cmd --permanent --zone=public --list-services
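
A check that follows from steps 3, 6 and 7, as an added example that is not part of the original post: a port added without --permanent exists only in the running configuration, while --list-ports with --permanent shows only the saved one, so the two lists can disagree. The function names and the FW_CMD variable are assumptions of this sketch; run port_drift public as root on a host with firewalld.

```shell
#!/bin/sh
# Added example: compare the runtime and permanent port lists of one zone.
# FW_CMD is a hypothetical override so the command can be replaced by a stub.
FW_CMD=${FW_CMD:-firewall-cmd}

# Print one port/protocol entry per line, sorted.
# $1 = zone, $2 = "" for the runtime list or "--permanent" for the saved list
list_ports() {
    # firewall-cmd prints the ports space-separated on a single line
    $FW_CMD $2 --zone="$1" --list-ports | tr -s ' ' '\n' | sed '/^$/d' | sort -u
}

# Report ports whose runtime and permanent state differ.
# Returns 0 when both lists match, 1 when they have drifted apart.
port_drift() {
    zone=${1:-public}
    runtime=$(list_ports "$zone" "")
    permanent=$(list_ports "$zone" --permanent)
    status=0
    for p in $runtime; do
        if ! printf '%s\n' "$permanent" | grep -qxF "$p"; then
            echo "runtime-only $p (lost on --reload or reboot)"
            status=1
        fi
    done
    for p in $permanent; do
        if ! printf '%s\n' "$runtime" | grep -qxF "$p"; then
            echo "permanent-only $p (not active until --reload)"
            status=1
        fi
    done
    return $status
}
```

A runtime-only entry is a port someone opened for a test and never saved or removed; a permanent-only entry is a saved rule still waiting for firewall-cmd --reload.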


Origin www.cnblogs.com/shuangfeike/p/11390153.html