CentOS 7 中firewall-cmd命令在 CentOS 7
暂时开放 ftp服务#firewall-cmd --add-service=ftp永久开放 ftp服务#firewall-cmd --add-service=ftp --permanent永久关闭#firewall-cmd --remove-service=ftp --permanentsuccess让设定生效#systemctl restart firewalld检查设定是否生效#iptables -L -n | grep 21ACCEPTtcp--0.0.0.0/00.0.0.0/0tcp dpt:21 ctstate NEW
检查防火墙状态#firewall-cmd --staterunning#systemctl stop firewalld#firewall-cmd --statenot running#firewall-cmd --list-allpublic (default)interfaces:sources:services: dhcpv6-client ftp sshports:masquerade: noforward-ports:icmp-blocks:rich rules:在 FirewallD 的服务名称#firewall-cmd --get-serviceamanda-client bacula bacula-client dhcp dhcpv6 dhcpv6-client dns ftp high-availability http https imaps ipp ipp-client ipsec kerberos kpasswd ldap ldaps libvirt libvirt-tls mdns mountd ms-wbt MySQL nfs ntp openvpn pmcd pmPRoxy pmwebapi pmwebapis pop3s postgresql proxy-dhcp radius rpc-bind samba samba-client smtp ssh telnet tftp tftp-client transmission-client vnc-server wbem-https查询服务的启用状态#firewall-cmd --query-service ftpyes#firewall-cmd --query-service sshyes#firewall-cmd --query-service sambano#firewall-cmd --query-service httpno自行加入要开放的 Port#firewall-cmd --add-port=3128/tcp#firewall-cmd --list-allpublic (default)interfaces:sources:services: dhcpv6-client ftp sshports:3128/tcpmasquerade: noforward-ports:icmp-blocks:rich rules: