Summary of common commands for firewall firewall in centos 7
- 2020-05-27 07:54:39
- OfStack
preface
firewall is used by default instead of iptables service in CentOS7.0. The iptables command has been retained, but only with the same name.
firewall is a major feature of centos7, with two major benefits:
Support dynamic update You don't have to restart the service;The usage of Firewall firewall configuration under CentOS7 can be viewed through this article. The main content of this article is about the common commands of centos firewall in centos 7.
1. Turn firewall on and off
Activation:
systemctl start firewalld
View status:
systemctl status firewalld or firewall-cmd � state
Stop:
systemctl disable firewalld
Disable:
systemctl stop firewalld
2. Port operation
Open 1 port:
firewall-cmd � permanent � add-port=8080/tcp
Close 1 port:
firewall-cmd � permanent � remove-port=8080/tcp
Open a service:
firewall-cmd � permanent � add-service=http
Shut down a service:
firewall-cmd � permanent � remove-service=http
Port forwarding:
firewall-cmd � permanent � add-forward-port=port=80:proto=tcp:toport=8080:toaddr=192.0.2.55
Allow forwarding to other addresses:
firewall-cmd � permanent � add-masquerade
Reload the firewall:
systemctl status firewalld or firewall-cmd � state
0
3. The configuration firewall
View version:
systemctl status firewalld or firewall-cmd � state
1
See help:
systemctl status firewalld or firewall-cmd � state
2
View Settings:
Display status:$ firewall-cmd �state
View area information:
$ firewall-cmd �get-active-zones
View the region of the specified interface:
$ firewall-cmd �get-zone-of-interface=eth0
Reject all packages:
firewall-cmd � panic-on
Cancel reject status:
systemctl status firewalld or firewall-cmd � state
4
Check whether to reject:
systemctl status firewalld or firewall-cmd � state
5
conclusion