CentOS8的基礎(chǔ)防火墻配置
發(fā)布時間:2024-07-11 點擊:245
系統(tǒng)運維
1、安裝
yum install iptables-services #安裝iptables
2、systemctl使用
systemctl unmask firewalld #執(zhí)行命令,即可實現(xiàn)取消服務(wù)的鎖定
systemctl mask firewalld # 下次需要鎖定該服務(wù)時執(zhí)行
systemctl start firewalld.service #啟動防火墻
systemctl stop firewalld.service #停止防火墻
systemctl reloadt firewalld.service #重載配置
systemctl restart firewalld.service #重啟服務(wù)
systemctl status firewalld.service #顯示服務(wù)的狀態(tài)
systemctl enable firewalld.service #在開機時啟用服務(wù)
systemctl disable firewalld.service #在開機時禁用服務(wù)
systemctl is-enabled firewalld.service #查看服務(wù)是否開機啟動
systemctl list-unit-files|grep enabled #查看已啟動的服務(wù)列表
systemctl –failed #查看啟動失敗的服務(wù)列表
3、firewall-cmd使用
firewall-cmd –state #查看防火墻狀態(tài)
firewall-cmd –reload #更新防火墻規(guī)則
firewall-cmd –state #查看防火墻狀態(tài)
firewall-cmd –reload #重載防火墻規(guī)則
firewall-cmd –list-ports #查看所有打開的端口
firewall-cmd –list-services #查看所有允許的服務(wù)
firewall-cmd –get-services #獲取所有支持的服務(wù)
#區(qū)域相關(guān)
firewall-cmd –list-all-zones #查看所有區(qū)域信息
firewall-cmd –get-active-zones #查看活動區(qū)域信息
firewall-cmd –set-default-zone=public #設(shè)置public為默認(rèn)區(qū)域
firewall-cmd –get-default-zone #查看默認(rèn)區(qū)域信息
firewall-cmd –zone=public –add-interface=eth0 #將接口eth0加入?yún)^(qū)域public
#接口相關(guān)
firewall-cmd –zone=public –remove-interface=eth0 #從區(qū)域public中刪除接口eth0
firewall-cmd –zone=default –change-interface=eth0 #修改接口eth0所屬區(qū)域為default
firewall-cmd –get-zone-of-interface=eth0 #查看接口eth0所屬區(qū)域
4、用例
firewall-cmd –query-port=8080/tcp # 查詢端口是否開放
firewall-cmd –add-port=80/tcp –permanent #永久添加80端口例外(全局)
firewall-cmd –remove-port=80/tcp –permanent #永久刪除80端口例外(全局)
firewall-cmd –add-port=65001-65010/tcp –permanent #永久增加65001-65010例外(全局)
firewall-cmd –zone=public –add-port=80/tcp –permanent #永久添加80端口例外(區(qū)域public)
firewall-cmd –zone=public –remove-port=80/tcp –permanent #永久刪除80端口例外(區(qū)域public)
firewall-cmd –zone=public –add-port=65001-65010/tcp –permanent #永久增加65001-65010例外(區(qū)域public)
firewall-cmd –reload #重啟防火墻(修改配置后要重啟防火墻)
不會個人網(wǎng)站建站?輕松get免費建站新技能
網(wǎng)站改版為什么會降權(quán)?這些改版的條件需滿足
云服務(wù)器ecs等保
建站行業(yè)亂象:盜版源碼宣稱自主研發(fā)
騰訊云服務(wù)器買哪個配置好
一張圖看懂收錄與索引的區(qū)別
如何使網(wǎng)站推廣準(zhǔn)確
個人WordPress博客是用VPS服務(wù)器還是虛擬主機好?
1、安裝
yum install iptables-services #安裝iptables
2、systemctl使用
systemctl unmask firewalld #執(zhí)行命令,即可實現(xiàn)取消服務(wù)的鎖定
systemctl mask firewalld # 下次需要鎖定該服務(wù)時執(zhí)行
systemctl start firewalld.service #啟動防火墻
systemctl stop firewalld.service #停止防火墻
systemctl reloadt firewalld.service #重載配置
systemctl restart firewalld.service #重啟服務(wù)
systemctl status firewalld.service #顯示服務(wù)的狀態(tài)
systemctl enable firewalld.service #在開機時啟用服務(wù)
systemctl disable firewalld.service #在開機時禁用服務(wù)
systemctl is-enabled firewalld.service #查看服務(wù)是否開機啟動
systemctl list-unit-files|grep enabled #查看已啟動的服務(wù)列表
systemctl –failed #查看啟動失敗的服務(wù)列表
3、firewall-cmd使用
firewall-cmd –state #查看防火墻狀態(tài)
firewall-cmd –reload #更新防火墻規(guī)則
firewall-cmd –state #查看防火墻狀態(tài)
firewall-cmd –reload #重載防火墻規(guī)則
firewall-cmd –list-ports #查看所有打開的端口
firewall-cmd –list-services #查看所有允許的服務(wù)
firewall-cmd –get-services #獲取所有支持的服務(wù)
#區(qū)域相關(guān)
firewall-cmd –list-all-zones #查看所有區(qū)域信息
firewall-cmd –get-active-zones #查看活動區(qū)域信息
firewall-cmd –set-default-zone=public #設(shè)置public為默認(rèn)區(qū)域
firewall-cmd –get-default-zone #查看默認(rèn)區(qū)域信息
firewall-cmd –zone=public –add-interface=eth0 #將接口eth0加入?yún)^(qū)域public
#接口相關(guān)
firewall-cmd –zone=public –remove-interface=eth0 #從區(qū)域public中刪除接口eth0
firewall-cmd –zone=default –change-interface=eth0 #修改接口eth0所屬區(qū)域為default
firewall-cmd –get-zone-of-interface=eth0 #查看接口eth0所屬區(qū)域
4、用例
firewall-cmd –query-port=8080/tcp # 查詢端口是否開放
firewall-cmd –add-port=80/tcp –permanent #永久添加80端口例外(全局)
firewall-cmd –remove-port=80/tcp –permanent #永久刪除80端口例外(全局)
firewall-cmd –add-port=65001-65010/tcp –permanent #永久增加65001-65010例外(全局)
firewall-cmd –zone=public –add-port=80/tcp –permanent #永久添加80端口例外(區(qū)域public)
firewall-cmd –zone=public –remove-port=80/tcp –permanent #永久刪除80端口例外(區(qū)域public)
firewall-cmd –zone=public –add-port=65001-65010/tcp –permanent #永久增加65001-65010例外(區(qū)域public)
firewall-cmd –reload #重啟防火墻(修改配置后要重啟防火墻)
不會個人網(wǎng)站建站?輕松get免費建站新技能
網(wǎng)站改版為什么會降權(quán)?這些改版的條件需滿足
云服務(wù)器ecs等保
建站行業(yè)亂象:盜版源碼宣稱自主研發(fā)
騰訊云服務(wù)器買哪個配置好
一張圖看懂收錄與索引的區(qū)別
如何使網(wǎng)站推廣準(zhǔn)確
個人WordPress博客是用VPS服務(wù)器還是虛擬主機好?