firewall批量开放端口

参数说明

–zone作用域
–permanent永久生效，没有此参数重启后失效
–add-port=80/tcp添加端口，格式为：端口/通讯协议

开放端口

开放80端口，放行tcp、udp协议

firewall-cmd --permanent --zone=public --add-port=80/tcp
firewall-cmd --permanent --zone=public --add-port=80/udp

批量开放端口

开放10000-65535端口，放行tcp、udp协议

firewall-cmd --permanent --zone=public --add-port=10000-65535/tcp
firewall-cmd --permanent --zone=public --add-port=10000-65535/udp
firewall-cmd --reload

检查firewall

检查规则

firewall-cmd --list-all

检查开放端口

firewall-cmd --list-ports

检查状态

firewall-cmd --state

或使用

systemctl status firewalld

禁用firewall

systemctl disable firewalld
systemctl stop firewalld

启用firewall

systemctl enable firewalld
systemctl start firewalld

管理firewall

启用防火墙

systemctl start firewalld.service

停用防火墙

systemctl stop firewalld.service

重启防火墙

systemctl restart firewalld.service

设置开机启用

systemctl enable firewalld.service

取消开机启动

systemctl disable firewalld.service

删除firewall

firewall-cmd --permanent --zone=public --remove-port=80/tcp

注意：新增/删除操作需要重启

参考来源

http://www.leftso.com/blog/163.html
https://www.jianshu.com/p/bad33004bb4f
https://blog.csdn.net/github_37128837/article/details/73356170

了解更多

https://www.cnblogs.com/hubing/p/6058932.html
https://blog.csdn.net/spxfzc/article/details/39645133