systemctl命令:
1、啟動防火牆
systemctl start firewalld.service
或
systemctl start firewalld
2、關閉防火牆
systemctl stop firewalld.service
或
systemctl stop firewalld
3、重啟防火牆
systemctl restart firewalld.service
或
systemctl restart firewalld
4、查看防火牆狀態
firewall-cmd --state
systemctl status firewalld.service
或
systemctl status firewalld
5、開機禁用防火牆
systemctl disable firewalld.service
或
systemctl disable firewalld
6、開機啟用防火牆
systemctl enable firewalld.service
或
systemctl enable firewalld
7、查看防火牆開機是否啟動
systemctl is-enabled firewalld.service
或
systemctl is-enabled firewalld
8、查看已啟動的服務列表
systemctl list-unit-files|grep enabled
9、查看啟動失敗的服務列表
systemctl --failed
firewall-cmd命令:
1、開啟80端口,重啟后失效
firewall-cmd --zone=public --add-port=80/tcp
2、開啟80端口,重啟后不失效(永久生效)
firewall-cmd --zone=public --add-port=80/tcp --permanent
3、查看80端口
firewall-cmd --zone=public --query-port=80/tcp
4、查看所有打開的端口
firewall-cmd --zone=public --list-ports
5、關閉80端口、重啟后失效
firewall-cmd --zone=public --remove-port=80/tcp
6、關閉80端口,重啟后不失效
firewall-cmd --zone=public --remove-port=80/tcp --permanent
7、查看版本
firewall-cmd --version
8、查看幫助
firewall-cmd --help
9、查看區域信息
firewall-cmd --get-active-zones
10、查看指定接口所屬區域
firewall-cmd --get-zone-of-interface=eth0
11、開啟拒絕所有包請求
firewall-cmd --panic-on
12、取消拒絕所有包請求
firewall-cmd --panic-off
13、查看是否拒絕
firewall-cmd --query-panic
14、查看防火牆規則
firewall-cmd --list-all