Shulou(Shulou.com)06/03 Report--

Reload firewall configuration

Firewall-cmd-reload

-- permanent stands for permanent opening / closing of the port, not temporary. Run the above reload command every time you add a permanent one. If you use the above reload command, the temporary addition will become invalid.

If you look at the firewall, you can also see the added port

Firewall-cmd-list-all

Add a single port

Firewall-cmd-permanent-zone=public-add-port=81/tcp

Add multiple ports

Firewall-cmd-permanent-zone=public-add-port=8080-8083/tcp

Delete a port

Firewall-cmd-permanent-zone=public-remove-port=81/tcp

View all firewall policies (that is, show all policies under / etc/firewalld/zones/)

Firewall-cmd-list-all-zones

Comparison of iptables and firewalld (to achieve the same function)

Iptables-An INPUT-s 10.100.103.15-p tcp-- dport 22-j ACCEPTiptables-An INPUT-s 10.104.101.0 dport 22-p tcp-- dport 22-j ACCEPTiptables-An INPUT-p tcp-- dport 22-j DROPiptables-An INPUT-s 10.100.103.12-p udp-dport 123-j ACCEPTiptables-An INPUT-p udp-dport 123-j DROPfirewall-cmd-add-rich-rule= "rule family=" ipv4 "source address=" 10.100.103 .12X 32 "port protocol=" udp "port=" 123 "accept"-permanentfirewall-cmd-- add-rich-rule= "rule family=" ipv4 "source address=" 10.104.101.0 "port protocol=" tcp "port=" 22 "accept"-permanentfirewall-cmd-add-rich-rule= "rule family=" ipv4 "source address=" 10.100.103.15 32 "port protocol=" tcp "port=" 22 "accept"-permanentfirewall-cmd-remove-service=ssh-permanentfirewall-cmd-reload

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.