Common firewall ports


Installing the firewall commands:

yum install firewalld firewalld-config

Commands to open common firewall ports:

firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --zone=public --add-port=443/tcp --permanent
firewall-cmd --zone=public --add-port=22/tcp --permanent
firewall-cmd --zone=public --add-port=21/tcp --permanent
firewall-cmd --zone=public --add-port=53/udp --permanent

Commands to close common firewall ports:

firewall-cmd --zone=public --remove-port=80/tcp --permanent
firewall-cmd --zone=public --remove-port=443/tcp --permanent
firewall-cmd --zone=public --remove-port=22/tcp --permanent
firewall-cmd --zone=public --remove-port=21/tcp --permanent
firewall-cmd --zone=public --remove-port=53/udp --permanent

Adding a range of ports in one command:

firewall-cmd --zone=public --add-port=4400-4600/udp --permanent
firewall-cmd --zone=public --add-port=4400-4600/tcp --permanent

Restarting the service

[root@srv-cs-test-lrm ~]#  service firewalld
The service command supports only basic LSB actions (start, stop, restart, try-restart, reload, force-reload, status). For other actions, please try to use systemctl.
[root@srv-cs-test-lrm ~]# 

systemctl restart firewalld
systemctl status firewalld
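firewall-cmd --list-all-zones    # show the configuration of every zone
# firewall-cmd --get-default-zone     # show the default zone
# firewall-cmd --zone=internal --change-zone=p3p1  # move interface p3p1 into zone internal
# firewall-cmd --add-service=http    # temporarily allow the http service
# firewall-cmd --permanent --add-service=http  # permanently allow the http service
# firewall-cmd --zone=public --add-port=80/tcp --permanent  # permanently open port 80 in the public zone
# firewall-cmd --permanent --zone=public --remove-service=ssh   # remove the ssh service from the public zone
# firewall-cmd --reload   # reload the configuration
# firewall-cmd --zone=public --add-port=80/tcp --permanent    # open port 80

Option meanings:
--zone   # the zone the rule applies to
--add-port=80/tcp  # add a port, in the format: port/protocol
--permanent   # make the change permanent; without it the change is lost after a restart

1. Check the firewall service state:
$ firewall-cmd --state   # e.g. running
2. Check the firewall version:
$ firewall-cmd --version # e.g. 0.4.3.2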
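
An added example, not part of the original page: a rule added without --permanent disappears on reload, and a --permanent rule is not active until a reload, so the runtime and permanent port lists can drift apart. The functions split_entry, covers and port_drift and the sample lists are constructed for illustration; on a live host the two lists come from firewall-cmd --list-ports with and without --permanent.

```shell
#!/usr/bin/env bash
# Added example: compare runtime and permanent firewalld port lists.

# split_entry "4400-4600/udp" -> sets LO, HI, PROTO (single port: LO == HI)
split_entry() {
    local ports=${1%/*}
    PROTO=${1#*/}
    LO=${ports%-*}
    HI=${ports#*-}
}

# covers "LIST" ENTRY -> success if one item in LIST fully contains ENTRY.
# Simplification: an ENTRY spanning several separate LIST items is not matched.
covers() {
    local item lo hi proto
    split_entry "$2"; lo=$LO; hi=$HI; proto=$PROTO
    for item in $1; do
        split_entry "$item"
        if [ "$PROTO" = "$proto" ] && [ "$LO" -le "$lo" ] && [ "$hi" -le "$HI" ]; then
            return 0
        fi
    done
    return 1
}

# port_drift "RUNTIME" "PERMANENT" -> one line per mismatch, empty if in sync
port_drift() {
    local e
    for e in $1; do
        covers "$2" "$e" || echo "runtime-only (lost on reload/restart): $e"
    done
    for e in $2; do
        covers "$1" "$e" || echo "permanent-only (not active until --reload): $e"
    done
}

# On a live host (needs root):
#   port_drift "$(firewall-cmd --zone=public --list-ports)" \
#              "$(firewall-cmd --permanent --zone=public --list-ports)"

# Constructed sample: 21/tcp was opened without --permanent, and the
# 4400-4600/udp range was added with --permanent but never reloaded.
SAMPLE_RUNTIME="80/tcp 443/tcp 22/tcp 21/tcp 53/udp"
SAMPLE_PERMANENT="80/tcp 443/tcp 22/tcp 53/udp 4400-4600/udp"
port_drift "$SAMPLE_RUNTIME" "$SAMPLE_PERMANENT"
```

Empty output means the two lists agree; any line printed names a port whose state will change at the next reload or restart.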