In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-04 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Development >
Share
Shulou(Shulou.com)06/02 Report--
This article introduces the relevant knowledge of "what are the operation commands of CentOS7 firewall". In the operation of actual cases, many people will encounter such a dilemma, so let the editor lead you to learn how to deal with these situations. I hope you can read it carefully and be able to achieve something!
Installation:
Yum install firewalld
1. Basic use of firewalld
Launch: systemctl start firewalld
View status: systemctl status firewalld
Disable, disable boot: systemctl disable firewalld
Stop running: systemctl stop firewalld
two。 Configure firewalld-cmd
View version: firewall-cmd-- version
Check out help: firewall-cmd-help
Display status: firewall-cmd-- state
View all open ports: firewall-cmd-- zone=public-- list-ports
Update firewall rules: firewall-cmd-- reload
Update firewall rules and restart the service: firewall-cmd-- completely-reload
View activated Zone information: firewall-cmd-- get-active-zones
View the area to which the specified API belongs: firewall-cmd-- get-zone-of-interface=eth0
Reject all packages: firewall-cmd-- panic-on
Cancel rejection status: firewall-cmd-- panic-off
Check whether to reject: firewall-cmd-- query-panic
3. Trust level, specified by the value of Zone
Drop: discard all incoming packets without giving any response
Block: rejects all externally initiated connections and allows internally initiated connections
Public: allows the specified entry into the connection
External: as above, the incoming connection to camouflage is generally used for routing and forwarding.
Dmz: allow restricted access to the connection
Work: allows trusted computers to have restricted access to connections, similar to workgroup
Home: ditto, similar to homegroup
Internal: same as above, the scope is for all Internet users
Trusted: trust all connections
4.firewall opens and closes the port
The following all refer to the operations under the zone of public. Different Zone can simply change the value after Zone.
Add: firewall-cmd-- zone=public-- add-port=80/tcp-- permanent (--permanent takes effect permanently. It will expire after restart without this parameter)
Reload: firewall-cmd-- reload
View: firewall-cmd-- zone=public-- query-port=80/tcp
Delete: firewall-cmd-- zone=public-- remove-port=80/tcp-- permanent
5. Management service
Take the smtp service as an example, add it to work zone
Add: firewall-cmd-zone=work-add-service=smtp
View: firewall-cmd-- zone=work-- query-service=smtp
Delete: firewall-cmd-- zone=work-- remove-service=smtp
5. Configure IP address camouflage
View: firewall-cmd-- zone=external-- query-masquerade
Open: firewall-cmd-- zone=external-- add-masquerade
Close: firewall-cmd-- zone=external-- remove-masquerade
6. Port forwarding
To enable port forwarding, you first need to open the IP address camouflage firewall-cmd-- zone=external-- add-masquerade
Forward tcp port 22 to 3753: firewall-cmd-- zone=external-- add-forward-port=22:porto=tcp:toport=3753
Forward port data to the same port of another IP: firewall-cmd-- zone=external-- add-forward-port=22:porto=tcp:toaddr=192.168.1.112
Forward port data to port 3753 of another IP: firewall-cmd-- zone=external-- add-forward-port=22:porto=tcp::toport=3753:toaddr=192.168.1.112
6.systemctl is the main tool in CentOS7's service management tools, which combines the functions of service and chkconfig.
Start a service: systemctl start firewalld.service
Shut down a service: systemctl stop firewalld.service
Restart a service: systemctl restart firewalld.service
Displays the status of a service: systemctl status firewalld.service
Enable a service at boot time: systemctl enable firewalld.service
Disable one service at boot time: systemctl disable firewalld.service
Check to see if the service is powered on: systemctl is-enabled firewalld.service
View the list of started services: systemctl list-unit-files | grep enabled
View the list of services that failed to start: systemctl-- failed
This is the end of the content of "what are the operation commands of CentOS7 firewall". Thank you for your reading. If you want to know more about the industry, you can follow the website, the editor will output more high-quality practical articles for you!
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.