查看防火墙状态 firewall-cmd --state
停止防火墙
systemctl stop firewalld.service
启动防火墙
systemctl start firewalld.service
开放8080端口(所有IP)
firewall-cmd --zone=public --add-port=8085/tcp --permanent
指定IP与端口
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="49.4.69.182" port protocol="tcp" port="8081" accept"
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="122.114.164.197" port protocol="tcp" port="8084" accept"
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="47.90.101.3" port protocol="tcp" port="8085" accept"
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="218.28.225.114" port protocol="tcp" port="8084" accept"
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="122.114.164.200" port protocol="tcp" port="8082" accept"
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="43.255.118.89" port protocol="tcp" port="8719" accept"
重新载入,使配置生效
systemctl restart firewalld.service
查看配置结果
firewall-cmd --list-all
删除规则
firewall-cmd --permanent --remove-rich-rule="rule family="ipv4" source address="192.168.10.16" port protocol="tcp" port="9059" accept"