systemctl status firewalld
firewall-cmd --zone = public --list-ports ## View open ports
2. Add port 5901 to the whitelist execution
firewall-cmd --permanent --zone=public --add-port=5901/tcp
Tip success means success
Command Meaning
--zone # scope
--add-port = 5901 / tcp # Add port, the format is: port / protocol
--permanent # permanent, this parameter does not restart after failure
You need to restart the firewall after successfully added: 3. Restart the firewall
firewall-cmd --reload
Other commonly used commands:
firewall-cmd --state ## View firewall status, whether it is running
Firewall-cmd --reload ## reload configuration, such as after adding rules need to execute this command
firewall-cmd --get-zones ## lists support the Zone
Firewall services ##-cmd --get-listed support services, services in the list is the release of the
firewall-cmd --query-service ftp ## ftp service to see whether the support, return yes or NO
Firewall-cmd --add-service = ftp ## ftp service temporarily open
firewall-cmd --add-service = ftp --permanent ## permanently open ftp service
firewall-cmd --remove-service = ftp --permanent ## permanently removed ftp service
firewall-cmd --add-port = 80 / tcp --permanent ## permanent 80-port add
firewall-cmd --remove-port = 80 / tcp --permanent ## permanent 80-port add
firewall-cmd --zone = public --list-ports ## View open ports
iptables -L -n ## Review the rules and iptables command is the same
man firewall-cmd