https://blog.csdn.net/s_p_j/article/details/80979450 firewalld配置
防火墙放行端口:
# Make the firewalld unit usable again. Unmasking neither starts nor enables
# the service, and firewall-cmd needs the daemon to be running.
systemctl unmask firewalld
# Record the state of every zone before changing anything.
firewall-cmd --list-all-zones
# Open the ports in the permanent configuration of the default zone.
# NOTE(review): these rules carry no source restriction, so every host that can
# reach this machine can connect. 3306 and 15672 are the default MySQL and
# RabbitMQ management ports; if they only serve known clients, prefer a rich
# rule with a source address over a plain --add-port.
for port in 15672 3306 8080; do
    firewall-cmd --permanent --add-port="${port}/tcp"
done
# --permanent only edits the saved configuration; reload to apply it.
firewall-cmd --reload
# Confirm the result.
firewall-cmd --list-all-zones
删除
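# Close 7004/tcp in the permanent configuration of the default zone.
firewall-cmd --permanent --remove-port=7004/tcp
# Close 80/tcp in the public zone. The zone name must follow "=" directly:
# with a space after it, --zone receives an empty value and "public" is passed
# as a stray extra argument.
firewall-cmd --zone=public --remove-port=80/tcp --permanent
# Permanent changes take effect only after "firewall-cmd --reload".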
开放8080端口
# Open 8080/tcp in the default zone (no --zone given).
firewall-cmd --add-port=8080/tcp --permanent
# Open 80/tcp in the public zone, named explicitly.
firewall-cmd --permanent --zone=public --add-port=80/tcp
# Both rules accept traffic from any source and only apply after a reload.
取消开放22端口
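# Close 8080/tcp in the default zone.
# NOTE(review): the heading above this command mentions port 22, but the
# command acts on 8080/tcp. Before closing 22 on a remote host, confirm that
# another management path exists.
firewall-cmd --permanent --remove-port=8080/tcp

# Allow 80, 443 and 46656/tcp from a single source address only. This is the
# narrower alternative to --add-port, which accepts traffic from any source.
# The rule is wrapped in single quotes so that it reaches firewall-cmd as one
# argument with its inner double quotes intact; nesting double quotes inside
# double quotes only works because the shell happens to join the pieces.
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="183.6.50.25" port protocol="tcp" port="80" accept'
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="183.6.50.25" port protocol="tcp" port="443" accept'
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="183.6.50.25" port protocol="tcp" port="46656" accept'

# Matching removals. These undo the three rules above, so run them only when
# the access is no longer needed, not directly after adding the rules.
firewall-cmd --permanent --remove-rich-rule='rule family="ipv4" source address="183.6.50.25" port protocol="tcp" port="80" accept'
firewall-cmd --permanent --remove-rich-rule='rule family="ipv4" source address="183.6.50.25" port protocol="tcp" port="443" accept'
firewall-cmd --permanent --remove-rich-rule='rule family="ipv4" source address="183.6.50.25" port protocol="tcp" port="46656" accept'

# Apply the permanent configuration to the running firewall.
firewall-cmd --reload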
配置文件加映射:
# Show the saved (permanent) configuration of the public zone. Rules edited
# directly in this file are not active until firewalld is reloaded.
cat /etc/firewalld/zones/public.xml
<!--
  Rich rules excerpted from the public zone file. Each one forwards a TCP
  port on this host to a port on an internal 192.168.x.x address.

  NOTE(review): every rule uses source 0.0.0.0/0, which matches any IPv4
  sender. If the public zone faces the internet, the forwarded services are
  reachable by anyone. Several targets use ports conventionally assigned to
  remote administration or messaging (22 SSH, 3389 RDP, 5672 AMQP). Mapping
  them to a high external port is not access control; restrict the source
  address to known networks or place these services behind a VPN or bastion.

  Forwarding to another host also requires masquerading to be enabled in the
  zone. That setting is not part of this excerpt.
-->
<rule family="ipv4">
  <source address="0.0.0.0/0"/>
  <forward-port port="2224" protocol="tcp" to-port="2224" to-addr="192.168.11.241"/>
</rule>
<rule family="ipv4">
  <source address="0.0.0.0/0"/>
  <forward-port port="23456" protocol="tcp" to-port="23456" to-addr="192.168.4.187"/>
</rule>
<!-- External 3722 reaches port 22 on the internal host. -->
<rule family="ipv4">
  <source address="0.0.0.0/0"/>
  <forward-port port="3722" protocol="tcp" to-port="22" to-addr="192.168.11.249"/>
</rule>
<rule family="ipv4">
  <source address="0.0.0.0/0"/>
  <forward-port port="5080" protocol="tcp" to-port="5080" to-addr="192.168.11.244"/>
</rule>
<!-- External 23389 reaches port 3389 on the internal host. -->
<rule family="ipv4">
  <source address="0.0.0.0/0"/>
  <forward-port port="23389" protocol="tcp" to-port="3389" to-addr="192.168.11.36"/>
</rule>
<!-- External 55672 reaches port 5672 on the internal host. -->
<rule family="ipv4">
  <source address="0.0.0.0/0"/>
  <forward-port port="55672" protocol="tcp" to-port="5672" to-addr="192.168.11.236"/>
</rule>
<!-- External 63389 reaches port 3389 on a second internal host. -->
<rule family="ipv4">
  <source address="0.0.0.0/0"/>
  <forward-port port="63389" protocol="tcp" to-port="3389" to-addr="192.168.11.41"/>
</rule>