CentOS 7\8 firewall查看信息及放通端口

一、firewall.service

#开启防火墙
$ systemctl start firewalld.service 

#开启防火墙
$ systemctl stop firewalld.service 

#查看防火墙状态
$ systemctl status firewalld.service 
 firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: >
   Active: active (running) since Thu 2020-05-21 12:37:48 EDT; 10min ago
     Docs: man:firewalld(1)
 Main PID: 8476 (firewalld)
    Tasks: 2 (limit: 4884)
   Memory: 2.8M
   CGroup: /system.slice/firewalld.service
           └─8476 /usr/libexec/platform-python -s /usr/sbin/firewalld --nofork --nopid

5月 21 12:37:50 node1 firewalld[8476]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w>
5月 21 12:37:50 node1 firewalld[8476]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w>
5月 21 12:37:50 node1 firewalld[8476]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w>
5月 21 12:37:50 node1 firewalld[8476]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w>
5月 21 12:37:50 node1 firewalld[8476]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w>
5月 21 12:37:50 node1 firewalld[8476]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w>
5月 21 12:37:50 node1 firewalld[8476]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w>
5月 21 12:37:50 node1 firewalld[8476]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w>
5月 21 12:37:51 node1 firewalld[8476]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w>
5月 21 12:37:51 node1 firewalld[8476]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w>

二、查看firewall的所有信息或放通端口

#查看信息
[owl314@node1 ~]$ firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: ens33
  sources: 
  services: cockpit dhcpv6-client ssh
  ports: 
  protocols: 
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 
    rule family="ipv4" source address="172.17.0.0/16" accept
    rule family="ipv4" source address="172.27.0.0/16" accept

#查看放通端口
[owl314@node1 ~]$ firewall-cmd --list-ports 
2376/tcp

三、放通端口

#放通2376端口
[owl314@node1 ~]$ firewall-cmd --zone=public --add-port=2376/tcp --permanent
success
#重启firewal后修改才生效
[owl314@node1 ~]$ systemctl restart firewalld.service 
[owl314@node1 ~]$ firewall-cmd --list-ports 
2376/tcp
©著作权归作者所有,转载或内容合作请联系作者
【社区内容提示】社区部分内容疑似由AI辅助生成,浏览时请结合常识与多方信息审慎甄别。
平台声明:文章内容(如有图片或视频亦包括在内)由作者上传并发布,文章内容仅代表作者本人观点,简书系信息发布平台,仅提供信息存储服务。

友情链接更多精彩内容