Firewall共通ポート
2166 ワード
Firewallコマンドのインストール:
yum install firewalld firewalld-config
Firewall共通ポートコマンドをオンにします。
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --zone=public --add-port=443/tcp --permanent
firewall-cmd --zone=public --add-port=22/tcp --permanent
firewall-cmd --zone=public --add-port=21/tcp --permanent
firewall-cmd --zone=public --add-port=53/udp --permanent
Firewall共通ポートを閉じるコマンド:
firewall-cmd --zone=public --remove-port=80/tcp --permanent
firewall-cmd --zone=public --remove-port=443/tcp --permanent
firewall-cmd --zone=public --remove-port=22/tcp --permanent
firewall-cmd --zone=public --remove-port=21/tcp --permanent
firewall-cmd --zone=public --remove-port=53/udp --permanent
区間ポートの一括追加
firewall-cmd --zone=public --add-port=4400-4600/udp --permanent
firewall-cmd --zone=public --add-port=4400-4600/tcp --permanent
操作の再起動
[root@srv-cs-test-lrm ~]# service firewalld
The service command supports only basic LSB actions (start, stop, restart, try-restart, reload, force-reload, status). For other actions, please try to use systemctl.
[root@srv-cs-test-lrm ~]#
systemctl restart firewalld
systemctl status firewalld
firewall-cmd --list-all-zones # zone
# firewall-cmd --get-default-zone # zone
# firewall-cmd --zone=internal --change-zone=p3p1 # p3p1 zone internal
# firewall-cmd --add-service=http # http
# firewall-cmd --permanent --add-service=http # http
# firewall-cmd --zone=public --add-port=80/tcp --permanent # public 80
# firewall-cmd --permanent --zone=public --remove-service=ssh # public zone
# firewall-cmd --reload #
# firewall-cmd --zone=public --add-port=80/tcp --permanent # 80
:
--zone #
--add-port=80/tcp # , : /
--permanent # ,
1, firewall :
$ firewall-cmd --state # eg :running
2, firewall :
$ firewall-cmd --version #eg : 0.4.3.2