开放端口
firewall-cmd --zone=public --add-port=80/tcp
firewall-cmd --zone=public --add-port=80/tcp --permanent
查询端口是否打开
firewall-cmd --zone=public --query-port=80/tcp
查看当前系统打开的所有端口
firewall-cmd --zone=public --list-ports
firewall-cmd --list-port
关闭端口
firewall-cmd --zone=public --remove-port=6379/tcp
firewall-cmd --zone=public --remove-port=6379/tcp --permanent
限制IP访问
限制IP192.168.80.129禁止访问80端口即禁止访问机器
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="192.168.80.129" port protocol="tcp" port="80" reject"
重新加载防火墙设置,使设置生效
systemctl restart firewall
firewall-cmd --reload
查看已经设置的规则
firewall-cmd --list-rich-rules
解除ip访问限制
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="192.168.80.129" port protocol="tcp" port="80" accept"
重新加载防火墙设置,使设置生效
systemctl restart firewall
firewall-cmd --reload