Common firewall commands in CentOS 7
Common firewall commands
Enable services in the region
Firewall-cmd -- permanent [-- zone = <zone>] -- add-service = <service>
This will permanently enable services in the region. If no region is specified, the default region is used. A service in the disabled Area
Firewall-cmd -- permanent [-- zone = <zone>] -- remove-service = <service>
Check whether the service in the region is enabled.
Firewall-cmd -- permanent [-- zone = <zone>] -- query-service = <service>
If the service is enabled, this command returns a value. This command has no output information. For example, enable the ipp-client Service in the home region permanently.
Firewall-cmd -- permanent -- zone = home -- add-service = ipp-client
Permanently enable a port-Protocol combination in the region
Firewall-cmd -- permanent [-- zone = <zone>] -- add-port = <port>/<protocol>
Permanently disable a port in the region-Protocol combination
Firewall-cmd -- permanent [-- zone = <zone>] -- remove-port = <port>/<protocol>
Check whether the port-Protocol combination is permanently enabled in the region
Firewall-cmd -- permanent [-- zone = <zone>] -- query-port = <port>/<protocol>