# 允许指定IP到指定端口
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="192.168.x.x" port protocol="tcp" port="8080" accept"
firewall-cmd --permanent --remove-rich-rule="rule family="ipv4" source address="192.168.x.x" port protocol="tcp" port="8080" accept"
这里可以添加一个ip地址,也可以使用IP段
e.g.
source address="192.168.x.x"
source address="192.168.x.x/xx"
# 允许所有人访问端口
sudo firewall-cmd --permanent --add-port=80/tcp
sudo firewall-cmd --permanent --remove-port=80/tcp
# 查看
sudo firewall-cmd --list-all
# 查看添加情况
sudo firewall-cmd --list-rich-rules
PS:记住所有操作后需要 reload 生效
sudo systemctl reload firewalld