Centos7 open firewall PORT command, centos7 Firewall
Centos 7 uses firewalld instead of the original iptables. The usage is as follows: >>> disable the firewall.
Systemctl stop firewalld. service # stop firewall
Systemctl disable firewalld. service # disable firewall startup
>>> Enable the port
Firewall-cmd -- zone = public -- add-port = 80/tcp -- permanent
Command description
-- Zone # Scope
-- Add-port = 80/tcp # add a port in the format of port/communication protocol
-- Permanent # takes effect permanently. If this parameter is not set, it becomes invalid after restart.
>>> Restart the Firewall
Firewall-cmd -- reload
Other common commands:
Firewall-cmd -- state # Check whether the firewall Status is running
Firewall-cmd -- reload # re-load the configuration. For example, after adding a rule, you need to execute this command.
Firewall-cmd -- get-zones # list supported zones
Firewall-cmd -- get-services # list supported services. The services in the list are allowed.
Firewall-cmd -- query-service ftp # Check if ftp service is supported. yes or no is returned.
Firewall-cmd -- add-service = ftp # Temporarily open the ftp service
Firewall-cmd -- add-service = ftp -- permanent # permanently open the ftp service
Firewall-cmd -- remove-service = ftp -- permanent # permanently remove the ftp service
Firewall-cmd -- add-port = 80/tcp -- permanent # add port 80 permanently
Iptables-L-n # view rules. This command is the same as iptables
Man firewall-cmd # view help
For more commands, use firewall-cmd -- help to view the help file.
>>> CentOS 7.0 uses firewall as the firewall by default. You must reset the firewall when using iptables.
1. Directly disable the Firewall
Systemctl stop firewalld. service # stop firewall
Systemctl disable firewalld. service # disable firewall startup
2. Set iptables service
Yum-y install iptables-services
If you want to modify the firewall configuration, such as adding the firewall port 3306
Vi/etc/sysconfig/iptables
Add Rules
-A input-m state -- state NEW-m tcp-p tcp -- dport 3306-j ACCEPT
Save and exit
Systemctl restart iptables. service # restart the firewall to make the configuration take effect.
Systemctl enable iptables. service # Set firewall startup
Restart the system to make the settings take effect.