Common firewall configurations in CentOS 7

  • 2020-05-14 05:46:30
  • OfStack

The firewall in CentOS 7 is a very powerful feature, and it was upgraded in CentOS 7. Let's take a detailed look at some common firewall configurations in CentOS 7.


# Start the firewall
systemctl start firewalld
# Check the status
systemctl status firewalld
# Disable and stop
systemctl disable firewalld
systemctl stop firewalld
# Whitelist a source address: allow all connections from this source address
# This is common in clusters
# After setting, run firewall-cmd --reload to update the firewall rules
firewall-cmd --add-rich-rule 'rule family="ipv4" source address="192.168.1.215" accept' --permanent
firewall-cmd --reload
# Users in a particular address range can connect over ssh; /24 corresponds to netmask 255.255.255.0
# Both changes are --permanent, so they apply at the reload; run it from a host inside
# 172.16.30.0/24 (or from the console) so you do not cut off your own ssh session
firewall-cmd --remove-service=ssh --permanent
firewall-cmd --add-rich-rule 'rule family=ipv4 source address=172.16.30.0/24 service name=ssh accept' --permanent
firewall-cmd --reload
firewall-cmd --list-all
# Add a user to the lockdown whitelist
firewall-cmd --add-lockdown-whitelist-user=hadoop --permanent
firewall-cmd --reload
# Remove a user id from the whitelist (replace uid with the numeric user id)
# --permanent is required here, otherwise the reload that follows discards the change
firewall-cmd --remove-lockdown-whitelist-uid=uid --permanent
firewall-cmd --reload
# View all open ports:
firewall-cmd --list-ports
# Open a port in a zone (takes effect after firewall-cmd --reload)
firewall-cmd --zone=public --add-port=8080/tcp --permanent
# Close a port (runtime only; add --permanent and reload to make it persistent)
firewall-cmd --remove-port=465/tcp
# Open a service; see the services folder under the /etc/firewalld directory for the services that can be configured
firewall-cmd --permanent --zone=public --add-service=samba
firewall-cmd --add-service=http --permanent
firewall-cmd --reload
# Close the service (--permanent so that the reload does not bring it back)
firewall-cmd --permanent --zone=public --remove-service=samba
firewall-cmd --reload
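
The commands above mix runtime-only changes with `--permanent` ones, so the running firewall and the saved configuration can diverge. The following added example (not from the original article; the function names are hypothetical and the sample output is constructed) compares the output of `firewall-cmd --list-all` with that of `firewall-cmd --permanent --list-all` and lists the services, ports and rich rules that exist in only one of them.

```shell
#!/bin/sh
# Added example (not from the original article): report drift between the
# runtime and permanent firewalld configuration. Function names are hypothetical.

# List one field of `firewall-cmd --list-all` output, one item per line.
fw_items() {  # $1 = list-all text, $2 = services | ports | rules
  case "$2" in
    rules) printf '%s\n' "$1" | sed -n 's/^[[:space:]]*\(rule .*\)/\1/p' ;;
    *)     printf '%s\n' "$1" | sed -n "s/^[[:space:]]*$2:[[:space:]]*//p" | tr -s ' ' '\n' ;;
  esac | sed -e 's/[[:space:]]*$//' -e '/^$/d' | sort -u
}

# Print the lines of list $1 that do not appear in list $2.
only_in() {
  printf '%s\n' "$1" | while IFS= read -r item; do
    [ -n "$item" ] || continue
    printf '%s\n' "$2" | grep -Fxq -- "$item" || printf '%s\n' "$item"
  done
}

# runtime-only   : set without --permanent, lost on the next reload or reboot
# permanent-only : saved with --permanent but not active until --reload
fw_drift() {  # $1 = runtime text, $2 = permanent text
  for kind in services ports rules; do
    r=$(fw_items "$1" "$kind"); p=$(fw_items "$2" "$kind")
    only_in "$r" "$p" | sed "s|^|runtime-only $kind: |"
    only_in "$p" "$r" | sed "s|^|permanent-only $kind: |"
  done
}

# Constructed sample output (abridged, not captured from a real host).
SAMPLE_RUNTIME='public (active)
  services: dhcpv6-client http
  ports: 8080/tcp 9000/tcp
  rich rules:
    rule family="ipv4" source address="172.16.30.0/24" service name="ssh" accept'
SAMPLE_PERMANENT='public
  services: dhcpv6-client http samba
  ports: 8080/tcp
  rich rules:
    rule family="ipv4" source address="172.16.30.0/24" service name="ssh" accept
    rule family="ipv4" source address="192.168.1.215" accept'

fw_drift "$SAMPLE_RUNTIME" "$SAMPLE_PERMANENT"
# On a firewalld host, compare the live state instead:
#   fw_drift "$(firewall-cmd --list-all)" "$(firewall-cmd --permanent --list-all)"
```

`firewall-cmd --list-all` prints the default zone only, so other zones need their own comparison with `--zone=`.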

Official documents and common references:

https://access.redhat.com/documentation/zh-CN/Red_Hat_Enterprise_Linux/7/html/Security_Guide/sec-Using_Firewalls.html

https://www.server-world.info/en/note?os=CentOS_7&p=firewalld

