Linux 运维-03防火墙管理

Centos6:

[root@localhost ~]# service iptables start                 # 开启防火墙
iptables: Applying firewall rules:                         [  OK  ]
[root@localhost ~]# service iptables status                # 查看防火墙状态
Table: filter
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination         
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED 
2    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           
3    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
4    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22 
5    REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited 
Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination         
1    REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited 
Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination         
[root@localhost ~]# chkconfig iptables off                 # 永久关闭防火墙（重启生效）
[root@localhost ~]# service iptables stop                  # 临时关闭防火墙（立即生效）
iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Unloading modules:                               [  OK  ]
[root@localhost ~]# service iptables status                # 检查修改
iptables: Firewall is not running.
--------------------- 
作者：pengjunlee 
来源：CSDN 
原文：https://blog.csdn.net/pengjunlee/article/details/81589972 
版权声明：本文为博主原创文章，转载请附上博文链接！

Centos7: 

# Centos7 中使用 systemctl 命令来管理服务，命令格式如下
# systemctl [start 开启]|[stop 停止]|[restart 重启]|[status 状态][enable 开机启动]| [disable 禁止开机启动] 服务名称
[root@localhost ~]# systemctl start firewalld              # 开启防火墙
[root@localhost ~]# systemctl status firewalld             # 查看防火墙状态
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
   Active: active (running) since Wed 2018-08-08 09:18:09 CST; 24s ago           
         # active (running) 表示防火墙开启
     Docs: man:firewalld(1)
 Main PID: 21501 (firewalld)
   CGroup: /system.slice/firewalld.service
           └─21501 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid
 
Aug 08 09:18:07 localhost.localdomain systemd[1]: Starting firewalld - dynamic firewall daemon...
Aug 08 09:18:09 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon.
[root@localhost ~]# systemctl disable firewalld            # 永久关闭防火墙（重启生效）
[root@localhost ~]# systemctl stop firewalld               # 临时关闭防火墙（立即生效）
[root@localhost ~]# systemctl status firewalld             # 检查修改
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
   Active: inactive (dead)
         # inactive (dead) 表示防火墙关闭
     Docs: man:firewalld(1)
 
Aug 08 09:18:07 localhost.localdomain systemd[1]: Starting firewalld - dynamic firewall daemon...
Aug 08 09:18:09 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon.
Aug 08 09:19:24 localhost.localdomain systemd[1]: Stopping firewalld - dynamic firewall daemon...
Aug 08 09:19:24 localhost.localdomain systemd[1]: Stopped firewalld - dynamic firewall daemon.