1. Basic commands
- 1) Check the firewall status
systemctl status firewalld
- 2) Start the firewall
systemctl start firewalld
- 3) Turn off the firewall
systemctl stop firewalld
- 4) Restart the firewall
systemctl restart firewalld
2. Open port
- 1) Open port 3306
firewall-cmd --zone=public --add-port=3306/tcp --permanent
- 2) Reload the firewall settings to make the settings take effect
firewall-cmd --reload
- 3) You can check whether it is effective through the following command
firewall-cmd --zone=public --query-port=3306/tcp
- 4) View all open ports in the system
firewall-cmd --zone=public --list-ports
3. Restrict ports
- 1) Limit port 3306
firewall-cmd --zone=public --remove-port=3306/tcp --permanent
- 2) Reload the firewall settings to make the settings take effect
firewall-cmd --reload
4. Bulk opening or restricting ports
- 1) Batch open ports
For example, we need to open all ports between 100 and 500
firewall-cmd --zone=public --add-port=100-500/tcp --permanent
- 2) Batch limit ports
firewall-cmd --zone=public --remove-port=100-500/tcp --permanent
Summarize
The above is personal experience. I hope you can give you a reference and I hope you can support me more.