CentOS 防火墙

# 查看firewall服务状态
systemctl status firewalld

# 查开机启动状态
systemctl list-unit-files |grep fire 

# 设置开机自启
systemctl enable firewalld.service

# 查看firewall的状态
firewall-cmd --state

# 开启
service firewalld start

# 重启
service firewalld restart

# 关闭
service firewalld stop

# 查看防火墙规则
firewall-cmd --zone=public --list-ports

# 运行完成之后，可以看到zone名称 
firewall-cmd --get-active-zones 

# 添加端口 
firewall-cmd --zone=public --add-port=6379/tcp --permanent 

# 移除端口
firewall-cmd --zone=public --remove-port=6379/tcp --permanent

# 重启防火墙 
firewall-cmd --reload 

# 查看端口号是否开启 
firewall-cmd --query-port=6379/tcp 

# 白名单
#添加规则
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="192.168.111.122/24" port protocol="tcp" port="15672" accept"
 
#reload使生效
firewall-cmd --reload