最新消息:vps推荐

firewall-cmd常用命令

linux Terry 393浏览 0评论
#安装firewalld防火墙
yum install firewalld

# 开启防火墙
systemctl start firewalld.service

# 防火墙开机启动
systemctl enable firewalld.service

# 关闭防火墙
systemctl stop firewalld.service

# 查看防火墙状态
firewall-cmd --state

# 查看现有的规则
iptables -nL

# 重载防火墙配置
firewall-cmd --reload

# 添加单个单端口
firewall-cmd --permanent --zone=public --add-port=81/tcp

# 添加多个端口
firewall-cmd --permanent --zone=public --add-port=8080-8083/tcp

# 删除某个端口
firewall-cmd --permanent --zone=public --remove-port=81/tcp

#封禁ip
firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='222.222.222.222' reject"  
firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='222.222.222.0/24' reject" 
# 针对某个 IP开放端口
firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='192.168.142.166' port protocol='tcp' port='6379' accept"
firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='192.168.0.233' accept"

# 删除某个IP
firewall-cmd --permanent --remove-rich-rule="rule family='ipv4' source address='192.168.1.51' accept"

# 针对一个ip段访问
firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='192.168.0.0/16' accept"
firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='192.168.1.0/24' port protocol='tcp' port='9200' accept"

# 添加操作后别忘了执行重载
firewall-cmd --reload

 

转载请注明:Terry's blog » firewall-cmd常用命令

发表我的评论
取消评论
表情

Hi,您需要填写昵称和邮箱!

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址