1,防火墙启动
systemctl start firewalld
2.开启某个端口
firewall-cmd --permanent --zone=public --add-port=80/tcp
3.设置某个端口白名单
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="192.168.1.1" port protocol="tcp" port="2222" accept"
4.# 端口转发
firewall-cmd --add-forward-port=port=4545:proto=tcp:toaddr=192.168.1.1:toport=4444 --permanent
5.查看端口转发
firewall-cmd --zone=public --list-forward-ports
6# 刷新
firewall-cmd --reload