The commands for turning the firewall on and off are as follows:
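1. Check the firewall status: `systemctl status firewalld`
2. Temporarily stop the firewall: `systemctl stop firewalld`
3. Permanently disable the firewall: `systemctl disable firewalld`, then `systemctl stop firewalld.service`
4. Re-enable the firewall: `systemctl enable firewalld` (this sets the service to start at boot; it does not start it in the current session)
5. List the ports the firewall has opened: `sudo firewall-cmd --list-ports`
6. Open a specific port: `firewall-cmd --zone=public --add-port=80/tcp --permanent`
   Meaning of the options: `--zone` is the zone the rule applies to; `--add-port=3306/tcp` adds a port, in the form port/protocol; `--permanent` makes the change persistent, and without this option the rule is lost after a restart.
7. Remove an opened port from the Linux firewall: `firewall-cmd --zone=public --remove-port=6379/tcp` (without `--permanent`, this changes only the running configuration)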
Open or close a specific port for a specific IP:
Add a rule
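```bash
# Allow IP 127.0.0.1 to access port 8888
# (single quotes outside so the inner double quotes reach firewall-cmd intact)
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="127.0.0.1" port protocol="tcp" port="8888" accept'
# Reload the firewall configuration so the setting takes effect
firewall-cmd --reload
# List the configured rules
firewall-cmd --zone=public --list-rich-rules
```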
Delete a rule
```bash
# Deny the address 127.0.0.1 access to port 8888, i.e. forbid it from accessing the machine
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="127.0.0.1" port protocol="tcp" port="8888" reject'
# Delete a previously configured rule (the rule text must match the one that was added)
firewall-cmd --permanent --remove-rich-rule='rule family="ipv4" source address="127.0.0.1" port protocol="tcp" port="8888" accept'
```
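Because `--permanent` decides whether a port rule survives a reload or restart, the running and permanent port lists can drift apart. The check below is an added example, not part of the original page; the function name `port_drift` and the sample port lists are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: compare firewalld's runtime and permanent port lists.
#
# On a live host, feed it the real lists:
#   port_drift "$(firewall-cmd --list-ports)" "$(firewall-cmd --permanent --list-ports)"

# port_drift RUNTIME PERMANENT
# Each argument is a whitespace-separated port list such as "80/tcp 6379/tcp".
# Prints one line per mismatched port and returns 1 if any drift was found.
port_drift() {
    local runtime permanent p drift
    # Normalise whitespace and pad with spaces so that matching is on whole
    # tokens: "80/tcp" must not match inside "8080/tcp".
    runtime=" $(printf '%s ' $1)"
    permanent=" $(printf '%s ' $2)"
    drift=0
    for p in $1; do
        case "$permanent" in
            *" $p "*) ;;
            *) echo "runtime-only $p (lost on reload or reboot)"; drift=1 ;;
        esac
    done
    for p in $2; do
        case "$runtime" in
            *" $p "*) ;;
            *) echo "permanent-only $p (not active until reload)"; drift=1 ;;
        esac
    done
    return "$drift"
}

# Constructed sample input: 6379/tcp was opened without --permanent,
# 3306/tcp was added with --permanent but the firewall was never reloaded.
SAMPLE_RUNTIME="80/tcp 6379/tcp"
SAMPLE_PERMANENT="80/tcp 3306/tcp"

port_drift "$SAMPLE_RUNTIME" "$SAMPLE_PERMANENT" || echo "drift detected"
```

A runtime-only entry is a port that is open now but undocumented in the saved configuration; a permanent-only entry is a rule that will become active at the next reload.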