Common firewalld configurations in CentOS 7
- 2020-05-14 05:46:30
- OfStack
The firewall in CentOS 7 is very powerful, but it was upgraded in CentOS 7, so let's take a detailed look at some common firewall configurations in CentOS 7.
# Start the firewall
systemctl start firewalld
# Check the status
systemctl status firewalld
# Disable at boot and stop
systemctl disable firewalld
systemctl stop firewalld
# Add a source address to the whitelist to allow all connections from that address
# This is common in clusters
# After setting, run firewall-cmd --reload to update the firewall rules
firewall-cmd --add-rich-rule 'rule family="ipv4" source address="192.168.1.215" accept' --permanent
firewall-cmd --reload
# Users in a particular network segment can connect via ssh; /24 means netmask 255.255.255.0
firewall-cmd --remove-service=ssh --permanent
firewall-cmd --add-rich-rule 'rule family=ipv4 source address=172.16.30.0/24 service name=ssh accept' --permanent
firewall-cmd --reload
firewall-cmd --list-all
# Add a user to the lockdown whitelist
firewall-cmd --add-lockdown-whitelist-user=hadoop --permanent
firewall-cmd --reload
# Remove a user id from the lockdown whitelist
# (--permanent is needed, otherwise the --reload that follows restores the entry)
firewall-cmd --remove-lockdown-whitelist-uid=uid --permanent
firewall-cmd --reload
# View all open ports:
firewall-cmd --list-ports
# Open a port in a zone
firewall-cmd --zone=public --add-port=8080/tcp --permanent
# Close a port
firewall-cmd --remove-port=465/tcp --permanent
# Reload so the permanent port changes take effect
firewall-cmd --reload
# Open a service; see the services folder under the /etc/firewalld directory for services that can be configured
firewall-cmd --permanent --zone=public --add-service=samba
firewall-cmd --add-service=http --permanent
firewall-cmd --reload
# Close the service
# (--permanent is needed, otherwise the --reload that follows re-enables it)
firewall-cmd --permanent --zone=public --remove-service=samba
firewall-cmd --reload
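The commands above depend on the split between the runtime and the permanent configuration: a change made without --permanent disappears at the next --reload, and a change made with --permanent is not active until a reload. The following script is an added example, not part of the original article; it lists ports and services that exist on only one side. The function names (in_list, drift, audit_zone) and the sample lists are made up for this illustration.

```bash
# Added example (not from the original article): report drift between
# firewalld's runtime and permanent configuration.

# in_list ITEM LIST: succeed if ITEM is one of the space-separated words in LIST.
in_list() {
    case " $2 " in
        *" $1 "*) return 0 ;;
    esac
    return 1
}

# drift KIND RUNTIME_LIST PERMANENT_LIST
# Prints one line for every item that is present on only one side.
drift() {
    kind=$1
    runtime=$(echo $2)      # unquoted on purpose: collapses whitespace and newlines
    permanent=$(echo $3)
    for item in $runtime; do
        in_list "$item" "$permanent" ||
            echo "$kind $item: runtime only, will be lost on --reload"
    done
    for item in $permanent; do
        in_list "$item" "$runtime" ||
            echo "$kind $item: permanent only, not active until --reload"
    done
}

# audit_zone [ZONE]: compare the live firewalld state of one zone (default: public).
# Returns 0 when runtime and permanent agree, 1 otherwise.
audit_zone() {
    zone=${1:-public}
    report=$(
        drift port "$(firewall-cmd --zone="$zone" --list-ports)" \
                   "$(firewall-cmd --permanent --zone="$zone" --list-ports)"
        drift service "$(firewall-cmd --zone="$zone" --list-services)" \
                      "$(firewall-cmd --permanent --zone="$zone" --list-services)"
    )
    [ -z "$report" ] && return 0
    echo "$report"
    return 1
}

# Constructed sample lists (not real output): 9000/tcp was added without
# --permanent, 8080/tcp was added with --permanent but no reload followed.
SAMPLE_RUNTIME="465/tcp 9000/tcp"
SAMPLE_PERMANENT="465/tcp 8080/tcp"
drift port "$SAMPLE_RUNTIME" "$SAMPLE_PERMANENT"
```

On a host running firewalld, call audit_zone public as root after a batch of changes; a non-zero exit status means a reload or a --permanent flag is still missing.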
Official documents and common references:
https://access.redhat.com/documentation/zh-CN/Red_Hat_Enterprise_Linux/7/html/Security_Guide/sec-Using_Firewalls.html
https://www.server-world.info/en/note?os=CentOS_7&p=firewalld