Failed to restart iptables.service: Unit not found.

在CentOS 7中防火墙已经由firewalld来管理,Centos7默认安装了firewalld,没有安装的可以用yum 命令安装，与iptables区别不小

yum install firewalld firewalld-config

查看防火墙状态

[root@localhost /]# systemctl status firewalld //或者 firewall-cmd --state
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
   Active: inactive (dead)            //inactive表示为关闭状态
     Docs: man:firewalld(1)

启动防火墙

[root@localhost /]# systemctl start firewalld.service

重启防火墙

firewall-cmd --reload  或者  service firewalld restart

防火墙开放3306端口

 firewall-cmd --zone=public --add-port=3306/tcp --permanent  //--permanent永久生效,没有此参数防火墙重启便失效

防火墙关闭开放的3306端口

 firewall-cmd --zone=public --remove-port=3306/tcp --permanent

禁用防火墙

 systemctl stop firewalld

设置开机启动

systemctl enable firewalld

停止并禁用开机启动

systemctl disable firewalld

查看端口列表

firewall-cmd --permanent --list-port