systemctl命令:
1、启动防火墙
systemctl start firewalld.service
或
systemctl start firewalld
2、关闭防火墙
systemctl stop firewalld.service
或
systemctl stop firewalld
3、重启防火墙
systemctl restart firewalld.service
或
systemctl restart firewalld
4、查看防火墙状态
firewall-cmd --state
systemctl status firewalld.service
或
systemctl status firewalld
5、开机禁用防火墙
systemctl disable firewalld.service
或
systemctl disable firewalld
6、开机启用防火墙
systemctl enable firewalld.service
或
systemctl enable firewalld
7、查看防火墙开机是否启动
systemctl is-enabled firewalld.service
或
systemctl is-enabled firewalld
8、查看已启动的服务列表
systemctl list-unit-files|grep enabled
9、查看启动失败的服务列表
systemctl --failed
firewall-cmd命令:
1、开启80端口,重启后失效
firewall-cmd --zone=public --add-port=80/tcp
2、开启80端口,重启后不失效(永久生效)
firewall-cmd --zone=public --add-port=80/tcp --permanent
3、查看80端口
firewall-cmd --zone=public --query-port=80/tcp
4、查看所有打开的端口
firewall-cmd --zone=public --list-ports
5、关闭80端口、重启后失效
firewall-cmd --zone=public --remove-port=80/tcp
6、关闭80端口,重启后不失效
firewall-cmd --zone=public --remove-port=80/tcp --permanent
7、查看版本
firewall-cmd --version
8、查看帮助
firewall-cmd --help
9、查看区域信息
firewall-cmd --get-active-zones
10、查看指定接口所属区域
firewall-cmd --get-zone-of-interface=eth0
11、开启拒绝所有包请求
firewall-cmd --panic-on
12、取消拒绝所有包请求
firewall-cmd --panic-off
13、查看是否拒绝
firewall-cmd --query-panic
14、查看防火墙规则
firewall-cmd --list-all