firewall firewall
CentOS7 default firewall is a firewall at, rather than iptables
1, see the firewall service status
systemctl status firewalld
appears Active: active (running) cut highlighted it means is activated state.
Appears Active: inactive (dead) in gray stop, look at the words will do.
2, view the status of firewall
firewall-cmd --state
3, turn on, restart, shut down, firewalld.service service
Open
service firewalld start
Restart
service firewalld restart
shut down
service firewalld stop
4, see the firewall rules
firewall-cmd --list-all
5, query, open and closed ports
Query whether the port is open
firewall-cmd --query-port=8080/tcp
Open port 80
firewall-cmd --permanent --add-port=80/tcp
Removal port
firewall-cmd --permanent --remove-port=8080/tcp
Restart the firewall (firewall to restart after configuration changes)
firewall-cmd --reload
Parameter Description
1, firwall-cmd: the operation is a tool provided for Linux firewall;
2, - Permanent: provided persistent represented;
. 3, - the Add-Port: port identifier is added;
iptables firewall
1, the basic operation
Check firewall status
service iptables status
Stop firewall
service iptables stop
Start firewall
service iptables start
Restart the firewall
service iptables restart
Permanently turn off the firewall
chkconfig iptables off
Permanently closed after restart
chkconfig iptables on
2, the port 80 open
vim / etc / sysconfig / iptables
adding the following code
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
Save and exit reboot the firewall
service iptables restart
Stop firewalld service
to stop the firewall, and disable this service
sudo systemctl stop firewalld.service
sudo systemctl disable firewalld.service
Install iptables
if you want to use iptables, then you need to install the iptables service:
installation
sudo yum install iptables-services
Open iptables
sudo systemctl enable iptables
sudo systemctl enable ip6tables
Start Service
sudo systemctl start iptables
sudo systemctl start ip6tables
————————————————
Reference Links: https://blog.csdn.net/yelllowcong/article/details/75945339