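# firewalld quick reference: opening, listing and removing port rules.
# These are individual commands, not a script to run top to bottom.
# Every rule below uses --permanent, which changes the saved configuration only;
# nothing takes effect until the reload step further down.

# Open a single port (80/tcp) in the public zone.
# A plain --add-port rule has no source restriction: the port becomes reachable
# from every address the public zone covers.
firewall-cmd --zone=public --add-port=80/tcp --permanent

# Open a contiguous port range (80-90/tcp).
# Every port in the range is opened, so keep it as narrow as the service needs.
firewall-cmd --zone=public --add-port=80-90/tcp --permanent

# Allow one source IP to reach a port (5432/tcp here).
# The rule is single-quoted so that its inner double quotes reach firewall-cmd
# intact instead of being consumed by the shell.
# No --zone is given, so the rule lands in the default zone.
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="192.168.142.166" port protocol="tcp" port="5432" accept'

# Allow a source subnet (CIDR) to reach a port.
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="192.168.2.0/24" port protocol="tcp" port="5432" accept'

# Apply the permanent configuration to the running firewall.
# --reload re-reads the saved rules without restarting the daemon;
# `systemctl restart firewalld.service` also works but is heavier.
firewall-cmd --reload

# Show the active (runtime) configuration of the default zone: open ports,
# services and rich rules. Add --permanent to inspect the saved configuration.
firewall-cmd --list-all

# Remove a previously opened port.
firewall-cmd --zone=public --remove-port=80/tcp --permanent

# Remove the rule for a single source IP.
# The rule text must match the rule that was added exactly. This example removes
# a rule for port 11300, not the 5432 rule added above.
firewall-cmd --permanent --remove-rich-rule='rule family="ipv4" source address="192.168.142.166" port protocol="tcp" port="11300" accept'

# Remove the rule for a source subnet.
# Uses --remove-rich-rule: --add-rich-rule here would re-add the rule instead of
# deleting it. Reload afterwards so the removal takes effect.
firewall-cmd --permanent --remove-rich-rule='rule family="ipv4" source address="192.168.2.0/24" port protocol="tcp" port="5432" accept'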