centos防火墙命令

发布于 2023-08-04  3403 次阅读

AI 摘要

CentOS7.x系统默认防火墙是firewalld,可以通过一系列命令来管理防火墙。首先可以使用"firewall-cmd --state"命令来查看防火墙状态,如果返回"not running",表示防火墙未开启。要开启防火墙,可以使用"systemctl start firewalld.service"命令;要关闭防火墙,可以使用"systemctl stop firewalld.service"命令。如果需要重启防火墙,可以使用"systemctl restart firewalld.service"命令。通过"firewall-cmd --zone=public --list-ports"可以查看防火墙开放的所有端口。若要开放特定端口,例如开放80端口,可以使用"firewall-cmd --zone=public --add-port=80/tcp --permanent"命令。对于配置的修改,可以使用"firewall-cmd --reload"来使其立即生效。如果需要关闭特定端口,可以使用"firewall-cmd --zone=public --remove-port=80/tcp --permanent"命令。以上是CentOS7.x防火墙的基本命令操作。

CentOS7.x防火墙开/关和添加端口

CentOS7.X,系统默认防火墙是firewalld,以CentOS7.6示例

1.查看防火墙状态

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
firewall-cmd --state
firewall-cmd --state
firewall-cmd --state

not running是未开启状态

 

2.开启防火墙

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
systemctl start firewalld.service
systemctl start firewalld.service
systemctl start firewalld.service

running是运行状态

 

3.关闭防火墙 

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
systemctl stop firewalld.service
systemctl stop firewalld.service
systemctl stop firewalld.service

 

 

4.重启防火墙

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
systemctl restart firewalld.service
systemctl restart firewalld.service
systemctl restart firewalld.service

 

 

5.查看防火墙所有开放的端口

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
firewall-cmd --zone=public --list-ports
firewall-cmd --zone=public --list-ports
firewall-cmd --zone=public --list-ports

 

该端口为远程端口号

 

6.开放端口   # 开放80端口 

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --zone=public --add-port=80/tcp --permanent

 

返回值为success即为开放成功

7. 使配置立即生效 

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
firewall-cmd --reload
firewall-cmd --reload
firewall-cmd --reload

 

 

8.关闭80端口

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
firewall-cmd --zone=public --remove-port=80/tcp --permanent
firewall-cmd --zone=public --remove-port=80/tcp --permanent
firewall-cmd --zone=public --remove-port=80/tcp --permanent

 

总结备份

<code lang=”php”>firewall-cmd --state</code>

firewall-cmd --state

systemctl start firewalld.service

systemctl stop firewalld.service

systemctl restart firewalld.service

firewall-cmd --zone=public --list-ports

firewall-cmd --zone=public --add-port=80/tcp --permanent

firewall-cmd --reload

firewall-cmd --zone=public --remove-port=80/tcp --permanent

  1. CentOS7.x防火墙开/关和添加端口