Centos7 open firewall PORT command, centos7 Firewall

Source: Internet
Author: User

Centos7 open firewall PORT command, centos7 Firewall
Centos 7 uses firewalld instead of the original iptables. The usage is as follows: >>> disable the firewall.

Systemctl stop firewalld. service # stop firewall
Systemctl disable firewalld. service # disable firewall startup

>>> Enable the port

Firewall-cmd -- zone = public -- add-port = 80/tcp -- permanent

Command description

-- Zone # Scope
-- Add-port = 80/tcp # add a port in the format of port/communication protocol
-- Permanent # takes effect permanently. If this parameter is not set, it becomes invalid after restart.

>>> Restart the Firewall

Firewall-cmd -- reload

Other common commands:

Firewall-cmd -- state # Check whether the firewall Status is running
Firewall-cmd -- reload # re-load the configuration. For example, after adding a rule, you need to execute this command.
Firewall-cmd -- get-zones # list supported zones
Firewall-cmd -- get-services # list supported services. The services in the list are allowed.
Firewall-cmd -- query-service ftp # Check if ftp service is supported. yes or no is returned.
Firewall-cmd -- add-service = ftp # Temporarily open the ftp service
Firewall-cmd -- add-service = ftp -- permanent # permanently open the ftp service
Firewall-cmd -- remove-service = ftp -- permanent # permanently remove the ftp service
Firewall-cmd -- add-port = 80/tcp -- permanent # add port 80 permanently
Iptables-L-n # view rules. This command is the same as iptables
Man firewall-cmd # view help

For more commands, use firewall-cmd -- help to view the help file.

>>> CentOS 7.0 uses firewall as the firewall by default. You must reset the firewall when using iptables.

1. Directly disable the Firewall

Systemctl stop firewalld. service # stop firewall
Systemctl disable firewalld. service # disable firewall startup

2. Set iptables service

Yum-y install iptables-services
If you want to modify the firewall configuration, such as adding the firewall port 3306
Vi/etc/sysconfig/iptables
Add Rules
-A input-m state -- state NEW-m tcp-p tcp -- dport 3306-j ACCEPT

Save and exit
Systemctl restart iptables. service # restart the firewall to make the configuration take effect.
Systemctl enable iptables. service # Set firewall startup

Restart the system to make the settings take effect.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.