查询防火墙状态
查询防火墙状态:systemctl status firewalld
Active: inactive (dead)为关闭
Active: active (running) 为打开
开启命令:systemctl start firewalld
临时关闭命令:systemctl stop firewalld
永久关闭命令:systemctl disable firewalld
1、放行指定端口(如9100)
firewall-cmd --add-port=9100/tcp --permanent
#重载入添加的端口:
firewall-cmd --reload
#查询指定端口是否开启成功:
firewall-cmd --query-port=9100/tcp
2、放行指定IP(如:10.10.110.55)
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="10.10.110.55" accept"
#重新载入
firewall-cmd --reload
查看iptables策略
iptables -L
对应文件在/etc/sysconfig/iptables,如果找不到
执行service iptables save,如果上述命令执行失败报出:The service command supports only basic LSB actions (start, stop, restart, try-restart, reload, force-reload, status). For other actions, please try to use systemctl.
3.安装或更新
安装或更新
yum install iptables-services
#再执行
service iptables save
执行完毕之后/etc/syscofig/iptables文件就有了
