1.查看已開放的端口
firewall-cmd --list-ports
2.開放單個端口(開放后需要要重啟防火牆才生效)
firewall-cmd --zone=public --add-port=8080/tcp --permanent
3.開放多個端口(開放后需要要重啟防火牆才生效)
firewall-cmd --zone=public --add-port=20000-29999/tcp --permanent
(--permanent 為永久生效,不加為單次有效(重啟失效))
4.關閉端口(關閉后需要要重啟防火牆才生效)
firewall-cmd --zone=public --remove-port=8080/tcp --permanent
5.查看端口是否打開
firewall-cmd --zone= public --query-port=80/tcp
6.查看防火牆狀態(兩種方式)
firewall-cmd --state
systemctl status firewalld
7.開啟防火牆
systemctl start firewalld
8.重啟防火牆 (兩種方式)
firewall-cmd --reload
systemctl restart firewalld
9.設置開機啟動防火牆
systemctl enable firewalld
10.查看防火牆設置開機自啟是否成功
systemctl is-enabled firewalld;echo $?
11.禁止防火牆開機啟動
systemctl disable firewalld
12.停止防火牆
systemctl stop firewalld