CentOS 7 firewall: opening ports, viewing status, viewing open ports

The specific commands for opening and closing ports and for viewing the firewall on CentOS 7 are as follows:

View the firewall state (active (running) means the firewall is on):

[root@WSS bin]# systemctl firewalld status
Unknown operation 'firewalld'.
[root@WSS bin]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since 四 2019-07-11 09:37:11 CST; 7h ago
Docs: man:firewalld(1)
Main PID: 44370 (firewalld)
Tasks: 2
CGroup: /system.slice/firewalld.service
└─44370 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid

7月 11 09:37:13 WSS firewalld[44370]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -w --table filter --delete FORWARD...hain?).
7月 11 09:37:13 WSS firewalld[44370]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -w --table filter --delete FORWARD...hain?).
7月 11 09:37:13 WSS firewalld[44370]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -w --table filter --delete FORWARD...hain?).
7月 11 09:37:13 WSS firewalld[44370]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -w --table filter --delete FORWARD...t name.
7月 11 09:37:13 WSS firewalld[44370]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -w --table filter --delete FORWARD...t name.
7月 11 09:37:13 WSS firewalld[44370]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -w --table filter --delete INPUT -...hain?).
7月 11 09:37:13 WSS firewalld[44370]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -w --table filter --delete INPUT -...hain?).
7月 11 09:37:13 WSS firewalld[44370]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -w --table filter --delete OUTPUT ...hain?).
7月 11 09:37:13 WSS firewalld[44370]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -w --table filter --delete INPUT -...hain?).
7月 11 09:37:13 WSS firewalld[44370]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -w --table filter --delete INPUT -...hain?).
Hint: Some lines were ellipsized, use -l to show in full.
[root@WSS bin]#

 

View open ports (8080 and 3306 are the ports that are already open):

[root@WSS bin]# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: ens3 ens4
sources: 
services: ssh dhcpv6-client
ports: 8080/tcp 3306/tcp
protocols: 
masquerade: no
forward-ports: 
source-ports: 
icmp-blocks: 
rich rules: 
[root@WSS bin]#

 


Open a port in the firewall (the firewall must be reloaded afterwards):

[root@WSS bin]# firewall-cmd --zone=public --add-port=3306/tcp --permanent
success
[root@WSS bin]#
[root@WSS bin]# firewall-cmd --reload
success
[root@WSS bin]#
# Command meaning:
--zone # scope (the zone the rule applies to)
--add-port=80/tcp # add a port, in the format port/protocol
--permanent # takes effect permanently; without this parameter the change is lost after a restart
firewall-cmd --reload # does not interrupt user connections, i.e. no state information is lost
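
The difference between the runtime and the permanent configuration described above can be checked with a short script. This is an added example, not part of the original post; the function names port_drift and audit_zone and the sample port lists are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example: compare firewalld's runtime and permanent port lists.

# port_drift RUNTIME PERMANENT
# Each argument is a space-separated port list as printed by
# `firewall-cmd --list-ports`, e.g. "8080/tcp 3306/tcp".
port_drift() {
    local runtime="$1" permanent="$2" p
    for p in $runtime; do
        # Open now but not saved: disappears on reload or reboot.
        case " $permanent " in
            *" $p "*) ;;
            *) echo "runtime-only $p" ;;
        esac
    done
    for p in $permanent; do
        # Saved but not active: takes effect at the next --reload.
        case " $runtime " in
            *" $p "*) ;;
            *) echo "permanent-only $p" ;;
        esac
    done
}

# audit_zone ZONE: query the live firewall (needs firewalld running).
audit_zone() {
    local zone="${1:-public}"
    port_drift "$(firewall-cmd --zone="$zone" --list-ports)" \
               "$(firewall-cmd --permanent --zone="$zone" --list-ports)"
}

# Constructed sample: 3306/tcp was added with --permanent but the firewall
# has not been reloaded; 9000/tcp was added without --permanent.
sample_runtime="8080/tcp 9000/tcp"
sample_permanent="8080/tcp 3306/tcp"
port_drift "$sample_runtime" "$sample_permanent"
```

On a live host, run audit_zone public as root; empty output means the runtime and permanent port lists agree.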

 

Basic use of firewalld

Start: systemctl start firewalld
Stop: systemctl stop firewalld
View status: systemctl status firewalld
Disable at boot: systemctl disable firewalld
Enable at boot: systemctl enable firewalld

 

systemctl is the main service management tool in CentOS 7; it combines the functions of the earlier service and chkconfig commands.

Start a service: systemctl start firewalld.service
Stop a service: systemctl stop firewalld.service
Restart a service: systemctl restart firewalld.service
Display the status of a service: systemctl status firewalld.service
Enable a service at boot: systemctl enable firewalld.service
Disable a service at boot: systemctl disable firewalld.service
Check whether a service is enabled at boot: systemctl is-enabled firewalld.service
View the list of enabled services: systemctl list-unit-files | grep enabled
View the list of services that failed to start: systemctl --failed

 

Configuring with firewall-cmd

View version: firewall-cmd --version
View help: firewall-cmd --help
Display state: firewall-cmd --state
View all open ports: firewall-cmd --zone=public --list-ports
Update firewall rules: firewall-cmd --reload
View zone information: firewall-cmd --get-active-zones
View the zone an interface belongs to: firewall-cmd --get-zone-of-interface=eth0
Reject all packets: firewall-cmd --panic-on
Cancel the reject state: firewall-cmd --panic-off
Check whether all packets are being rejected: firewall-cmd --query-panic

 


Origin www.cnblogs.com/beekimlin/p/12484957.html