一、查看firewall服务状态
[appuser@zyapp nginx]$ sudo systemctl status firewalld
二、开启、重启、关闭firewalld服务
# 开启 [appuser@zyapp nginx]$ sudo systemctl start firewalld.service
# 重启 [appuser@zyapp nginx]$ sudo systemctl restart firewalld.service
# 关闭firewall [appuser@zyapp nginx]$ sudo systemctl stop firewalld.service
#禁止firewall开机启动 [appuser@zyapp nginx]$ sudo systemctl disable firewalld.service
三、查看开放网络的服务和端口
#查询哪些服务开放了网络 [appuser@zyapp nginx]$ sudo firewall-cmd --permanent --list-services ssh dhcpv6-client
#查询指定端口是否开放 [zyappuser@zyapp nginx]$ sudo firewall-cmd --query-port=80/tcp
yes
四、查看防火墙规则
查看当前正在生效的防火墙规则。
[appuser@zyapp nginx]$ sudo firewall-cmd --list-all public (active) target: default icmp-block-inversion: no interfaces: eth0 sources: services: ssh dhcpv6-client ports: 80/tcp protocols: masquerade: no forward-ports: source-ports: icmp-blocks: rich rules:
查看防火墙的开放的端口
#查看防火墙的开放的端口 [zyappuser@zyapp nginx]$ sudo firewall-cmd --permanent --list-ports 80/tcp
五、开放端口、移除端口
# 开放80端口 [zyappuser@zyapp nginx]$ sudo firewall-cmd --permanent --add-port=80/tcp
# 移除端口 [zyappuser@zyapp nginx]$ sudo firewall-cmd --permanent --remove-port=80/tcp
# 修改配置后要重启防火墙 [zyappuser@zyapp nginx]$ sudo firewall-cmd --reload