CentOS 7 中firewall-cmd命令详细介绍
<p><strong> CentOS 7 中firewall-cmd命令</strong></p>
<p>
在 CentOS 7</p>
<p>
暂时开放 ftp 服务<br>
# firewall-cmd --add-service=ftp</p>
<p>
永久开放 ftp 服务<br>
# firewall-cmd --add-service=ftp --permanent</p>
<p>
永久关闭<br>
# firewall-cmd --remove-service=ftp --permanent<br>
success</p>
<p>
让设定生效<br>
# systemctl restart firewalld</p>
<p>
检查设定是否生效<br>
# iptables -L -n | grep 21<br>
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 ctstate NEW</p>
<p>
检查防火墙状态<br>
# firewall-cmd --state<br>
running</p>
<p>
# systemctl stop firewalld<br>
# firewall-cmd --state<br>
not running</p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_146069">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
<div class="line number3 index2 alt2">
3</div>
<div class="line number4 index3 alt1">
4</div>
<div class="line number5 index4 alt2">
5</div>
<div class="line number6 index5 alt1">
6</div>
<div class="line number7 index6 alt2">
7</div>
<div class="line number8 index7 alt1">
8</div>
<div class="line number9 index8 alt2">
9</div>
<div class="line number10 index9 alt1">
10</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash comments"># firewall-cmd --list-all</code>
</div>
<div class="line number2 index1 alt1">
<code class="bash plain">public (default)</code>
</div>
<div class="line number3 index2 alt2">
<code class="bash spaces"> </code><code class="bash plain">interfaces:</code>
</div>
<div class="line number4 index3 alt1">
<code class="bash spaces"> </code><code class="bash plain">sources:</code>
</div>
<div class="line number5 index4 alt2">
<code class="bash spaces"> </code><code class="bash plain">services: dhcpv6-client </code><code class="bash functions">ftp</code> <code class="bash functions">ssh</code>
</div>
<div class="line number6 index5 alt1">
<code class="bash spaces"> </code><code class="bash plain">ports:</code>
</div>
<div class="line number7 index6 alt2">
<code class="bash spaces"> </code><code class="bash plain">masquerade: no</code>
</div>
<div class="line number8 index7 alt1">
<code class="bash spaces"> </code><code class="bash plain">forward-ports:</code>
</div>
<div class="line number9 index8 alt2">
<code class="bash spaces"> </code><code class="bash plain">icmp-blocks:</code>
</div>
<div class="line number10 index9 alt1">
<code class="bash spaces"> </code><code class="bash plain">rich rules:</code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
在 FirewallD 的服务名称</p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_971626">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
<div class="line number3 index2 alt2">
3</div>
<div class="line number4 index3 alt1">
4</div>
<div class="line number5 index4 alt2">
5</div>
<div class="line number6 index5 alt1">
6</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash comments"># firewall-cmd --get-service</code>
</div>
<div class="line number2 index1 alt1">
<code class="bash plain">amanda-client bacula bacula-client dhcp dhcpv6 dhcpv6-client dns </code><code class="bash functions">ftp</code>
</div>
<div class="line number3 index2 alt2">
<code class="bash plain">high-availability http https imaps ipp ipp-client ipsec kerberos kpasswd </code>
</div>
<div class="line number4 index3 alt1">
<code class="bash plain">ldap ldaps libvirt libvirt-tls mdns mountd ms-wbt mysql nfs ntp openvpn</code>
</div>
<div class="line number5 index4 alt2">
<code class="bash spaces"> </code><code class="bash plain">pmcd pmproxy pmwebapi pmwebapis pop3s postgresql proxy-dhcp radius </code>
</div>
<div class="line number6 index5 alt1">
<code class="bash plain">rpc-bind samba samba-client smtp </code><code class="bash functions">ssh</code> <code class="bash plain">telnet tftp tftp-client transmission-client vnc-server wbem-https</code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
查询服务的启用状态<br>
# firewall-cmd --query-service ftp<br>
yes<br>
# firewall-cmd --query-service ssh<br>
yes<br>
# firewall-cmd --query-service samba<br>
no<br>
# firewall-cmd --query-service http<br>
no</p>
<p>
自行加入要开放的 Port</p>
<div class="jb51code">
<div>
<div class="syntaxhighlighterbash" id="highlighter_319223">
<div class="toolbar">
<span>?</span>
</div>
<table border="0" cellpadding="0" cellspacing="0"><tbody><tr>
<td class="gutter">
<div class="line number1 index0 alt2">
1</div>
<div class="line number2 index1 alt1">
2</div>
<div class="line number3 index2 alt2">
3</div>
<div class="line number4 index3 alt1">
4</div>
<div class="line number5 index4 alt2">
5</div>
<div class="line number6 index5 alt1">
6</div>
<div class="line number7 index6 alt2">
7</div>
<div class="line number8 index7 alt1">
8</div>
<div class="line number9 index8 alt2">
9</div>
<div class="line number10 index9 alt1">
10</div>
<div class="line number11 index10 alt2">
11</div>
</td>
<td class="code">
<div class="container">
<div class="line number1 index0 alt2">
<code class="bash comments"># firewall-cmd --add-port=3128/tcp</code>
</div>
<div class="line number2 index1 alt1">
<code class="bash comments"># firewall-cmd --list-all</code>
</div>
<div class="line number3 index2 alt2">
<code class="bash plain">public (default)</code>
</div>
<div class="line number4 index3 alt1">
<code class="bash spaces"> </code><code class="bash plain">interfaces:</code>
</div>
<div class="line number5 index4 alt2">
<code class="bash spaces"> </code><code class="bash plain">sources:</code>
</div>
<div class="line number6 index5 alt1">
<code class="bash spaces"> </code><code class="bash plain">services: dhcpv6-client </code><code class="bash functions">ftp</code> <code class="bash functions">ssh</code>
</div>
<div class="line number7 index6 alt2">
<code class="bash spaces"> </code><code class="bash plain">ports: 3128</code><code class="bash plain">/tcp</code>
</div>
<div class="line number8 index7 alt1">
<code class="bash spaces"> </code><code class="bash plain">masquerade: no</code>
</div>
<div class="line number9 index8 alt2">
<code class="bash spaces"> </code><code class="bash plain">forward-ports:</code>
</div>
<div class="line number10 index9 alt1">
<code class="bash spaces"> </code><code class="bash plain">icmp-blocks:</code>
</div>
<div class="line number11 index10 alt2">
<code class="bash spaces"> </code><code class="bash plain">rich rules:</code>
</div>
</div>
</td>
</tr></tbody></table>
</div>
</div>
<div class="codetool" id="codetool">
<div class="code_n">
<textarea></textarea>
</div>
</div>
</div>
<p>
感谢阅读,希望能帮助到大家,谢谢大家对本站的支持!</p>
頁:
[1]