1.查看防火墙的状态
# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: active (running) since 二 2020-04-14 17:15:27 CST; 8s ago
Docs: man:firewalld(1)
Main PID: 15366 (firewalld)
Tasks: 2
Memory: 25.2M
CGroup: /system.slice/firewalld.service
└─15366 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid
4月 14 17:15:26 controller systemd[1]: Starting firewalld - dynamic firewall daemon...
4月 14 17:15:27 controller systemd[1]: Started firewalld - dynamic firewall daemon.
2.开放22端口,SSH远程登录协议
# firewall-cmd --zone=public --add-port=22/tcp --permanent
success
–zone #作用域
–add-port=22/tcp #添加端口
–permanent #永久生效,没有此参数重启后失效
#以下是重新加载,开放端口需要重新加载
# firewall-cmd --reload
success
3.查看已经开放的端口
# firewall-cmd --list-ports
22/tcp
# netstat -antpul | grep 22
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 9347/sshd
tcp 0 0 172.25.0.10:22 172.25.0.1:55394 ESTABLISHED 15267/sshd: root@pt
tcp6 0 0 :::22 :::* LISTEN 9347/sshd