#查看防火墙状态(关闭后显示notrunning,开启后显示running)
firewall-cmd --state
#停止firewall
systemctl stop firewalld.service
#开启firewall
systemctl start firewalld.service
#重启firewall
systemctl restart firewalld.service
#禁止firewall开机启动
systemctl disable firewalld.service
#设置firewall开机启动
systemctl enable firewalld.service
#查看firewall规则
firewall-cmd --list-all
#查看所有设置的端口
firewall-cmd --list-ports
# 查询端口是否开放
firewall-cmd --query-port=3306/tcp
#开放端口 --permanent 表示设置为持久
firewall-cmd --permanent --zone=public --add-port=3306/tcp
#移除端口
firewall-cmd --permanent --remove-port=3306/tcp
#重新加载
firewall-cmd --reload