1.查看已开放的端口(默认不开放任何端口)
# Lists ports opened with --add-port in the default zone's runtime configuration.
# Ports allowed only through rich rules or services do not appear in this output.
firewall-cmd --list-ports
2.查看防火墙相关IP和PORT配置
# Shows the default zone's runtime configuration: interfaces, sources, services, ports and rich rules.
# Add --permanent to inspect the stored configuration instead of the running one.
firewall-cmd --list-all
2.设置端口和源IP
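# Allow TCP 6379 from a single source address only.
# The rich rule must be wrapped in plain ASCII quotes: typographic quotes are not
# shell quoting, so the rule would be split into several arguments and rejected.
# --permanent writes the stored configuration; run 'firewall-cmd --reload' to apply it.
firewall-cmd --zone=public --add-rich-rule 'rule family="ipv4" source address="101.74.152.23" port port=6379 protocol=tcp accept' --permanent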
放开指定端口接收所有IP
# Opens TCP 8443 to every source address in the public zone.
# Use a rich rule with 'source address=...' instead when only known peers need access.
firewall-cmd --zone=public --add-port=8443/tcp --permanent
3.重新加载
配置完防火墙规则,一定要重新加载,不然不生效
# Loads the permanent configuration into the running firewall.
# Runtime-only changes (made without --permanent) are discarded by the reload.
firewall-cmd --reload
4、查看防火墙状态
# Reports whether the firewalld service is active; 'firewall-cmd --state' asks firewalld directly.
systemctl status firewalld.service
5.删除规则
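# Remove the rich rule that allowed TCP 6379 from the single source address.
# The rule text must match the rule that was added, and it must be wrapped in plain
# ASCII quotes: typographic quotes are not shell quoting and the command fails.
# --permanent edits the stored configuration; run 'firewall-cmd --reload' to apply it.
firewall-cmd --zone=public --remove-rich-rule 'rule family="ipv4" source address="101.74.152.23" port port=6379 protocol=tcp accept' --permanent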
6.开放9092端口
# Opens TCP 9092 to every source address in the public zone; takes effect after 'firewall-cmd --reload'.
firewall-cmd --zone=public --add-port=9092/tcp --permanent
启动防火墙,创建批量规则,shell 脚本
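#!/bin/bash
# Start firewalld and install a batch of permanent rules in the public zone.
# Stop at the first failing command so an error is not silently followed by a reload.
set -euo pipefail

# 'start' affects the current boot only; 'systemctl enable firewalld.service'
# is what makes the firewall come up again after a reboot.
systemctl start firewalld.service

# Accept ALL traffic (every port and protocol) from this one source address.
# Add 'port port=... protocol=...' to the rule if the peer only needs specific services.
firewall-cmd --zone=public --add-rich-rule 'rule family="ipv4" source address="101.126.72.64" accept' --permanent

# Open TCP 8443 to every source address.
firewall-cmd --zone=public --add-port=8443/tcp --permanent

# --permanent only writes the stored configuration; the reload applies it to the running firewall.
firewall-cmd --reload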
删除防火墙规则,shell脚本
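#!/bin/bash
# Remove the rules installed by the batch setup script: the allow-all rich rule
# for the trusted source address and the open TCP 8443 port.
# Stop at the first failing command so an error is not silently followed by a reload.
set -euo pipefail

# Revoke the allow-all rule for the source address (rule text must match the added rule).
firewall-cmd --zone=public --remove-rich-rule 'rule family="ipv4" source address="101.126.72.64" accept' --permanent

# Close TCP 8443 again. The original used --add-port here, which left the port
# open to every source address after the "delete" script had run.
firewall-cmd --zone=public --remove-port=8443/tcp --permanent

# --permanent only edits the stored configuration; the reload applies it to the running firewall.
firewall-cmd --reload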