Check the firewall status
systemctl status firewalld
Start the firewall
systemctl start firewalld.service
Enable the firewall at boot
systemctl enable firewalld.service
Stop the firewall
systemctl stop firewalld.service
Disable start at boot
systemctl disable firewalld.service
Whitelist configuration is as follows:
Add a firewall rule (allow a specific IP to access a specific port):
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="192.168.10.101" port protocol="tcp" port="8099" accept'
Remove the firewall rule:
firewall-cmd --permanent --remove-rich-rule='rule family="ipv4" source address="192.168.10.101" port protocol="tcp" port="8099" accept'
Allow 10.55.39.75 to access all ports (allow a specific IP to access all ports)
firewall-cmd --zone=public --add-rich-rule 'rule family="ipv4" source address="10.55.39.75" accept' --permanent
Remove access to all ports for 10.55.39.75
firewall-cmd --zone=public --remove-rich-rule 'rule family="ipv4" source address="10.55.39.75" accept' --permanent
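Run reload so that the rules added with --permanent take effect
firewall-cmd --reload
After setting the rules, run the following command to view the firewall rules and check that the settings have been added
firewall-cmd --list-all
If they have not taken effect, restart the firewall
systemctl restart firewalld.service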
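The verification step above can be scripted. The following is an added example, not part of the original post: it checks the output of firewall-cmd --list-all for the expected rich rule and also flags the case where the same port is listed under "ports:" and is therefore open to every source, which makes the whitelist entry meaningless. The function names and the sample output are constructed for illustration; only the "ports:" line is checked, not services or port ranges.

```shell
#!/bin/sh
# Added example: verify a whitelist entry in `firewall-cmd --list-all` output.

# Constructed sample of `firewall-cmd --list-all` output (not from a real host).
# firewalld prints the port element as: port port="N" protocol="tcp"
sample_list_all() {
cat <<'EOF'
public (active)
  target: default
  interfaces: eth0
  services: dhcpv6-client ssh
  ports: 8080/tcp
  rich rules:
    rule family="ipv4" source address="192.168.10.101" port port="8099" protocol="tcp" accept
    rule family="ipv4" source address="10.55.39.75" accept
EOF
}

# check_allowlist IP PORT   (reads --list-all output on stdin)
# Prints one of:
#   ok           rich rule present and the port is not open to everyone
#   missing      rich rule not found (not added, or reload not run yet)
#   open-to-all  PORT/tcp is in the zone's "ports:" list, so any source can reach it
check_allowlist() {
    ip=$1
    port=$2
    awk -v ip="$ip" -v port="$port" '
        BEGIN {
            want = "source address=\"" ip "\" port port=\"" port "\" protocol=\"tcp\" accept"
        }
        # The zone-wide port list; "source-ports:" and "forward-ports:" do not match.
        /^[[:space:]]*ports:/ {
            for (i = 2; i <= NF; i++) if ($i == port "/tcp") open = 1
        }
        index($0, want) { found = 1 }
        END {
            if (open)       print "open-to-all"
            else if (found) print "ok"
            else            print "missing"
        }'
}

# Demo on the constructed sample. On a real host use:
#   firewall-cmd --zone=public --list-all | check_allowlist 192.168.10.101 8099
sample_list_all | check_allowlist 192.168.10.101 8099
```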
Source: https://blog.csdn.net/qq_45443475/article/details/127766388