firewall-cmd --get-zone 拿一个区域
firewall-cmd --zone=trusted --list-all查看指定区域下的规则
root@cpu:~# firewall-cmd --zone=trusted --list-all
trusted (active)
target: ACCEPT
icmp-block-inversion: no
interfaces: ens33 ens34 ens35
sources:
services:
ports:
protocols:
forward: yes
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
root@cpu:~# firewall-cmd --zone=trusted --add-forward-port=port=8888:proto=tcp:toport=22:toaddr=192.168.1.10
success
root@cpu:~# firewall-cmd --zone=trusted --list-all
trusted (active)
target: ACCEPT
icmp-block-inversion: no
interfaces: ens33 ens34 ens35
sources:
services:
ports:
protocols:
forward: yes
masquerade: no
forward-ports:
port=8888:proto=tcp:toport=22:toaddr=192.168.1.10
source-ports:
icmp-blocks:
rich rules:
firewall-cmd --zone=trusted --add-forward-port=port=8888:proto=tcp:toport=22;toadd=192.168.1.10
--remove-forward-port --remove-port