开启和关闭防火墙命令如下:
查看防火状态 systemctl status firewalld 2:暂时关闭防火墙 systemctl stop firewalld 3:永久关闭防火墙 systemctl disable firewalld systemctl stop firewalld.service 4:重启防火墙 systemctl enable firewalld 5、查看防火墙已开通的端口: sudo firewall-cmd --list-ports 6、开放指定端口: firewall-cmd --zone=public --add-port=80/tcp --permanent 命令含义:–zone #作用域;–add-port=3306/tcp #添加端口,格式为:端口/通讯协议;–permanent #永久生效,没有此参数重启后失效 7、从Linux防火墙中删除已开放的端口: firewall-cmd --zone=public --remove-port=6379/tcp
给指定的IP开放/关闭指定的端口:
添加规则
// 允许ip127.0.0.1访问8888端口 firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="127.0.0.1" port protocol="tcp" port="8888" accept" //重新载入一下防火墙设置,使设置生效 firewall-cmd --reload //查看已设置规则 firewall-cmd --zone=public --list-rich-rules
删除规则
//限制IP为127.0.0.1的地址禁止访问8888端口即禁止访问机器 firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="127.0.0.1" port protocol="tcp" port="8888" reject" //删除已设置规则 firewall-cmd --permanent --remove-rich-rule="rule family="ipv4" source address=" 127.0.0.1" port protocol="tcp" port="8888" accept"
标签:--,IP,cmd,端口,防火墙,firewall,Linux,port From: https://www.cnblogs.com/supyang/p/18213072