Linux firewall and selinux of startup, shutdown, and view

CentOS7.X follows:

1. Firewall

View the status of the firewall:

[root@localhost sunan]# systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
   Active: inactive (dead)
     Docs: man:firewalld(1)

Active wherein is inactive (dead) in the closed state, active (running) on ​​state

Turn off the firewall command:

[root@localhost sunan]# systemctl stop firewalld.service 

Open the firewall command:

[root@localhost sunan]# systemctl start firewalld.service

Permanently disable the firewall command (not boot from the start)

[root@localhost sunan]# systemctl disable firewalld.service
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.

Permanent start the firewall command (post launch)

[root@localhost sunan]# systemctl enable firewalld.service   
Created symlink from /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service to /usr/lib/systemd/system/firewalld.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/firewalld.service to /usr/lib/systemd/system/firewalld.service.

CentOS6.X follows:

1. Firewall

View the status of the firewall:

[root@localhost ~]# service iptables status

Turn off the firewall command:

[root@localhost ~]# service iptables stop
iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Unloading modules:                               [  OK  ]

Open the firewall command:

[root@localhost ~]# service iptables start
iptables: Applying firewall rules:                         [  OK  ]

Permanently disable the firewall command (not boot from the start)

[root@localhost ~]# chkconfig iptables off

Permanent start the firewall command (post launch)

[root@localhost ~]# chkconfig iptables on

2.selinux (CentOS7.X same CentOS6.X)

View selinux status:

[root@localhost sunan]# getenforce 
Enforcing

selinux state has three modes:
enforcing: compulsory mode, on behalf of selinux running, and has begun to limit the right domain / type of.
permissive: tolerance mode, on behalf of selinux operation, but there will be warning information only and does not actually restrict access to domain / type of. This mode can be used to debug purposes as the selinux
disabled: off, selinux not actually running.
Command set SELinux, the premise is not disabled state:

[root@localhost ~]# setenforce 0
[root@localhost ~]# getenforce  
Permissive

0 wherein the setenforce | 1
0: set state premissive;
1: setting in enforcing state;
this setting: restart the system ineffective.
Modify the configuration file, set selinux is disabled state:

[root@localhost ~]# vim /etc/selinux/config

SELINUX=disabled
SELINUXTYPE=targeted

Save, reboot the system to take effect.