關於CentOS7.5防火牆的相關命令

[root@localhost apps]# telnet 127.0.0.1 80
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
[root@localhost apps]# 
[root@localhost apps]# 
[root@localhost apps]# 
[root@localhost apps]# 
[root@localhost apps]# telnet 127.0.0.1 8888
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.





^CConnection closed by foreign host.
[root@localhost apps]# 
[root@localhost apps]# 
[root@localhost apps]# 192.168.1.10
-bash: 192.168.1.10: 未找到命令
[root@localhost apps]# telnet 192.168.1.10
Trying 192.168.1.10...
telnet: connect to address 192.168.1.10: Connection refused
[root@localhost apps]# telnet 192.168.1.10 3306
Trying 192.168.1.10...
telnet: connect to address 192.168.1.10: Connection refused
[root@localhost apps]# telnet 192.168.1.10 2181
Trying 192.168.1.10...
Connected to 192.168.1.10.
Escape character is '^]'.
^CConnection closed by foreign host.
[root@localhost apps]# telnet 192.168.1.20 3306
Trying 192.168.1.20...
telnet: connect to address 192.168.1.20: No route to host
[root@localhost apps]# 
[root@localhost apps]# 
[root@localhost apps]# ping 192.168.1.20
PING 192.168.1.20 (192.168.1.20) 56(84) bytes of data.
64 bytes from 192.168.1.20: icmp_seq=1 ttl=64 time=0.335 ms
64 bytes from 192.168.1.20: icmp_seq=2 ttl=64 time=0.307 ms
64 bytes from 192.168.1.20: icmp_seq=3 ttl=64 time=0.308 ms
64 bytes from 192.168.1.20: icmp_seq=4 ttl=64 time=0.534 ms
^C
--- 192.168.1.20 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3000ms
rtt min/avg/max/mdev = 0.307/0.371/0.534/0.094 ms

如上所示,可以ping通 但是telnet不通過
這是由於防火牆的問題

#centos7啓動防火牆
systemctl start firewalld.service
#centos7停止防火牆/關閉防火牆
systemctl stop firewalld.service
#centos7重啓防火牆
systemctl restart firewalld.service
 
 
#設置開機啓用防火牆
systemctl enable firewalld.service
#設置開機不啓動防火牆
systemctl disable firewalld.service

開放端口
firewall-cmd --zone=public --add-port=80/tcp --permanent
#說明:
#–zone #作用域
#–add-port=80/tcp #添加端口，格式爲：端口/通訊協議
#–permanent 永久生效，沒有此參數重啓後失效
 
#多個端口:
firewall-cmd --zone=public --add-port=80-90/tcp --permanent

#centos7查看防火牆所有信息
firewall-cmd --list-all
#centos7查看防火牆開放的端口信息
firewall-cmd --list-ports
#刪除
firewall-cmd --zone=public --remove-port=80/tcp --permanent
#查看防火牆狀態
firewall-cmd --state

開啓端口後記得重啓

firewall -cmd --reload