1.查看防火墙状态
systemctl status firewalld
查看所有打开的端口
firewall-cmd --zone=public --list-ports
添加端口
firewall-cmd --zone=public --add-port=80/tcp
或者
vi /etc/firewalld/zones/public.xml
<?xml version="1.0" encoding="utf-8"?> <zone> <short>Public</short> <description>For use in public areas. You do not trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted.</description> <service name="ssh"/> <service name="dhcpv6-client"/> <port protocol="tcp" port="20"/> <port protocol="tcp" port="21"/> <port protocol="tcp" port="22"/> <port protocol="tcp" port="80"/> <port protocol="tcp" port="8888"/> <port protocol="tcp" port="39000-40000"/> <port protocol="tcp" port="888"/> <port protocol="tcp" port="443"/> <port protocol="tcp" port="3306"/> </zone>
重启firewall
Service firewalld restart 重启
其他相关指令
Service firewalld start 开启 Service firewalld stop 关闭 systemctl status firewalld 查看状态 systemctl stop firewalld 关闭 systemctl start firewalld 开启 systemctl restart firewalld 重启 systemctl disable firewalld 关闭开机启动