Shulou(Shulou.com)06/02 Report--

1. Installation

Yum install iptables-services # install iptables

2. Use of systemctl

Unlock the service by executing the command in systemctl unmask firewalld #

Systemctl mask firewalld # execute the next time you need to lock down the service

Systemctl start firewalld.service # start the firewall

Systemctl stop firewalld.service # stop the firewall

Systemctl reloadt firewalld.service # reload configuration

Systemctl restart firewalld.service # restart the service

Systemctl status firewalld.service # shows the status of the service

Systemctl enable firewalld.service # enable services at boot time

Systemctl disable firewalld.service # disable the service at boot time

Systemctl is-enabled firewalld.service # check whether the service is booted and started

Systemctl list-unit-files | grep enabled # View the list of started services

Systemctl-- failed # View the list of services that failed to start

3. Use of firewall-cmd

Firewall-cmd-- state # View firewall status

Firewall-cmd-- reload # updates firewall rules

Firewall-cmd-- state # View firewall status

Firewall-cmd-reload # reload firewall rules

Firewall-cmd-- list-ports # View all open ports

Firewall-cmd-- list-services # View all allowed services

Firewall-cmd-get-services # get all supported services

# region dependent

Firewall-cmd-- list-all-zones # View all zone information

Firewall-cmd-- get-active-zones # View active area information

Firewall-cmd-- set-default-zone=public # sets public as the default area

Firewall-cmd-- get-default-zone # View default zone information

Firewall-cmd-- zone=public-- add-interface=eth0 # add interface eth0 to area public

# API related

Firewall-cmd-- zone=public-- remove-interface=eth0 # remove interface eth0 from the area public

Firewall-cmd-- zone=default-- change-interface=eth0 # modify the area to which the interface eth0 belongs to default

Firewall-cmd-- get-zone-of-interface=eth0 # View the area to which the interface eth0 belongs

4. Use cases

Firewall-cmd-- query-port=8080/tcp # query whether the port is open

Firewall-cmd-- add-port=80/tcp-- permanent # permanently add port 80 exception (global)

Firewall-cmd-remove-port=80/tcp-permanent # permanent deletion of port 80 exception (global)

Firewall-cmd-- add-port=65001-65010/tcp-- permanent # permanently add 65001-65010 exceptions (global)

Firewall-cmd-- zone=public-- add-port=80/tcp-- permanent # permanently add port 80 exception (area public)

Firewall-cmd-- zone=public-- remove-port=80/tcp-- permanent # permanent deletion of port 80 exception (area public)

Firewall-cmd-zone=public-add-port=65001-65010/tcp-permanent # permanently add 65001-65010 exceptions (regional public)

Firewall-cmd-- reload # restart the firewall (restart the firewall after changing the configuration)

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.