Basic firewall configuration
Check the firewalld version
firewall-cmd --version
Start
systemctl start firewalld
Stop
systemctl stop firewalld
Restart
systemctl restart firewalld
Status
systemctl status firewalld
List the current rules
firewall-cmd --list-all
List open ports (default zone)
firewall-cmd --list-ports
List open ports in the public zone
firewall-cmd --zone=public --list-ports
Adding allowlist rules and ports
Add an allowlist rule (accept one source address on one port)
firewall-cmd --permanent --add-rich-rule 'rule family=ipv4 source address=19.104.55.197 port port=1521 protocol=tcp accept'
Remove a rule
firewall-cmd --permanent --remove-rich-rule='rule family="ipv4" source address="192.168.1.1" port protocol="tcp" port="8080" accept'
Add a blocklist rule (reject one source address on one port)
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="192.168.1.1" port protocol="tcp" port="8080" reject'
Open by service name
firewall-cmd --permanent --add-service=http
Testing tool: traceroute
traceroute www.badu.com
traceroute -d IP
Open a port
firewall-cmd --zone=public --add-port=22/tcp --permanent
Remove a port
firewall-cmd --zone=public --remove-port=80/tcp --permanent
Reload (needed for --permanent changes to take effect)
firewall-cmd --reload
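The allowlist, port and reload commands above combined into one sequence, as an added example that is not part of the original page. It only prints commands and runs none of them. The function names are hypothetical, the address 192.0.2.10 is a constructed sample, and the protocol is limited to tcp/udp here by assumption.

```shell
#!/bin/sh
# Added example (dry run): validates input, prints firewall-cmd lines, runs none.

# Succeeds if $1 is a dotted-quad IPv4 address with each octet in 0..255.
valid_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots into $1..$n (function-local)
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Succeeds if $1 is a port number in 1..65535 without leading zeros.
valid_port() {
    case $1 in
        ''|0*|*[!0-9]*) return 1 ;;
    esac
    [ ${#1} -le 5 ] && [ "$1" -le 65535 ]
}

# rich_rule ADDR PORT PROTO ACTION: print the rule text, fail on bad input.
rich_rule() {
    valid_ipv4 "$1" || { echo "bad IPv4 address: $1" >&2; return 1; }
    valid_port "$2" || { echo "bad port: $2" >&2; return 1; }
    case $3 in tcp|udp) ;; *) echo "bad protocol: $3" >&2; return 1 ;; esac
    case $4 in accept|reject|drop) ;; *) echo "bad action: $4" >&2; return 1 ;; esac
    printf 'rule family="ipv4" source address="%s" port protocol="%s" port="%s" %s\n' \
        "$1" "$3" "$2" "$4"
}

# allowlist_plan ADDR PORT PROTO: print the command sequence for the public zone.
allowlist_plan() {
    rule=$(rich_rule "$1" "$2" "$3" accept) || return 1
    # A port opened with --add-port is reachable from every source, so the
    # broad opening is removed before the per-source rule is added.
    printf 'firewall-cmd --permanent --zone=public --remove-port=%s/%s\n' "$2" "$3"
    printf "firewall-cmd --permanent --zone=public --add-rich-rule='%s'\n" "$rule"
    printf 'firewall-cmd --reload\n'
    printf 'firewall-cmd --zone=public --list-all\n'
}

# Constructed sample: 192.0.2.10 is a documentation address (RFC 5737).
allowlist_plan 192.0.2.10 1521 tcp
```

Review the printed lines before running them as root; the final `--list-all` shows whether the rich rule is active and the port is no longer listed under ports.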
From: https://www.cnblogs.com/iamsssb/p/17282715.html