Start the firewall
systemctl start firewalld.service
Stop the firewall
systemctl stop firewalld.service
Check the firewall status
systemctl status firewalld.service
Enable the firewall at boot
systemctl enable firewalld.service
Disable the firewall at boot
systemctl disable firewalld.service

Open a port (80)
firewall-cmd --zone=public --add-port=80/tcp --permanent   # permanent
firewall-cmd --zone=public --add-port=80/tcp   # temporary (runtime only)

Port forwarding
# enable IP address masquerading
firewall-cmd --zone=public --add-masquerade --permanent
# forward port 80 to 8080
firewall-cmd --zone=public --add-forward-port=port=80:proto=tcp:toport=8080 --permanent

Create a blacklist
# create the blacklist ipset
firewall-cmd --permanent --zone=public --new-ipset=blacklist --type=hash:ip
# drop traffic from addresses in blacklist
firewall-cmd --permanent --zone=public --add-rich-rule='rule source ipset=blacklist drop'
# view the blacklist entries
firewall-cmd --ipset=blacklist --get-entries
# add IPs to the blacklist
firewall-cmd --permanent --zone=public --ipset=blacklist --add-entry=212.237.51.36
firewall-cmd --permanent --zone=public --ipset=blacklist --add-entry=188.226.191.66
firewall-cmd --permanent --zone=public --ipset=blacklist --add-entry=80.211.137.182
firewall-cmd --permanent --zone=public --ipset=blacklist --add-entry=60.191.66.226

Block ping (drop ICMP packets)
firewall-cmd --permanent --zone=public --add-rich-rule='rule protocol value=icmp drop'

Reload the firewall configuration
firewall-cmd --reload
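
The blacklist steps above, combined into a bulk loader (an added example, not from the original page): it validates each IPv4 address before it reaches firewall-cmd, skips duplicates, and reloads once at the end. The function names and the FIREWALL_CMD dry-run variable are assumptions of this example.

```shell
#!/bin/sh
# Added example: bulk-load IPv4 addresses into the page's "blacklist" ipset.
# FIREWALL_CMD is this example's own knob (an assumption, not a firewalld
# feature): set it to "echo firewall-cmd" to print the commands instead.
FIREWALL_CMD="${FIREWALL_CMD:-firewall-cmd}"

# Succeed only for a dotted quad whose four octets are each 0..255.
valid_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    local old_ifs="$IFS" octet
    IFS=.
    set -- $1            # split on dots; input is digits and dots only here
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Read one address per line on stdin ("#" starts a comment), reject malformed
# lines, skip duplicates, add the rest permanently, then reload once.
blacklist_load() {
    local line ip added=0 rejected=0 seen=" "
    while IFS= read -r line || [ -n "$line" ]; do
        ip=${line%%#*}
        ip=$(printf '%s' "$ip" | tr -d '[:space:]')
        [ -n "$ip" ] || continue
        if ! valid_ipv4 "$ip"; then
            echo "rejected: $line" >&2
            rejected=$((rejected + 1))
            continue
        fi
        case $seen in *" $ip "*) continue ;; esac
        seen="$seen$ip "
        $FIREWALL_CMD --permanent --zone=public --ipset=blacklist \
            --add-entry="$ip" </dev/null || return 1
        added=$((added + 1))
    done
    # --permanent changes reach the running firewall only after a reload.
    if [ "$added" -gt 0 ]; then
        $FIREWALL_CMD --reload </dev/null || return 1
    fi
    echo "added=$added rejected=$rejected"
}
```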