查看狀態
firewall-cmd --state
啓動、停止
systemctl start firewalld.service
systemctl stop firewalld.service
systemctl restart firewalld.service
開機自啓
systemctl enable firewalld.service
systemctl disable firewalld.service
查看打開的端口
firewall-cmd --list-ports
firewall-cmd --list-ports --permanent
firewall-cmd --list-ports --zone=public
firewall-cmd --zone=public --query-port=80/tcp
添加端口
firewall-cmd --add-port=80/tcp
firewall-cmd --add-port=80/tcp --permanent
firewall-cmd --zone=public --add-port=80/tcp
firewall-cmd --zone=public --add-port=80/tcp --permanent
關閉端口
firewall-cmd --remove-port=80/tcp
firewall-cmd --remove-port=80/tcp --permanent
firewall-cmd --zone=public --remove-port=80/tcp
firewall-cmd --zone=public --remove-port=80/tcp --permanent
更新防火牆規則
firewall-cmd --reload
關閉 selinux
# vim /etc/selinux/config
SELINUX=disabled