firewalld使用与配置
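# firewalld port and rich-rule reference.
# Each command below is an independent example (add/remove pairs are listed
# side by side); pick what you need instead of running the list top to bottom.
# Every command uses --permanent, which only edits the saved configuration:
# run `firewall-cmd --reload` afterwards for the change to take effect.
#
# Rich rules are wrapped in single quotes so the inner double quotes reach
# firewall-cmd intact. With nested double quotes the shell closes and reopens
# the string, and the rule is passed with its inner quotes stripped.

# Permanently open port 80/tcp to every source in the public zone.
firewall-cmd --zone=public --add-port=80/tcp --permanent

# Permanently remove that port opening.
firewall-cmd --zone=public --remove-port=80/tcp --permanent

# Permanently remove the rich rule that lets one source IP reach port 80/tcp.
firewall-cmd --permanent --zone=public \
  --remove-rich-rule='rule family="ipv4" source address="172.16.4.6" port protocol="tcp" port="80" accept'

# Permanently allow a single source IP (172.16.4.6) to reach port 80/tcp.
# --zone=public is given explicitly so the rule lands in the same zone the
# removal command above targets; without --zone the default zone is used.
firewall-cmd --permanent --zone=public \
  --add-rich-rule='rule family="ipv4" source address="172.16.4.6" port protocol="tcp" port="80" accept'

# Allow the same source IP to reach a port range (80 through 100, tcp).
# A range opens every port in it, so keep it as narrow as the service needs.
firewall-cmd --permanent --zone=public \
  --add-rich-rule='rule family="ipv4" source address="172.16.4.6" port protocol="tcp" port="80-100" accept'

# Reference: https://www.lmlphp.com/user/21749/article/item/522745/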
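# Restrict SSH (22/tcp) to a specific source address with firewalld.
# The firewall-cmd calls need root privileges (or polkit authorisation).
# Rich rules are single-quoted throughout so the inner double quotes reach
# firewall-cmd intact and the add/remove rule text is written the same way.

# Start the firewall now and enable it at boot.
sudo systemctl start firewalld
sudo systemctl enable firewalld

# Remove the blanket 22/tcp port opening from the public zone, so that SSH
# can be limited to the specific source below.
# NOTE(review): if the zone also lists the "ssh" service (check the
# --list-all output), port 22 stays open to everyone until that entry is
# removed as well with --remove-service=ssh.
firewall-cmd --zone=public --remove-port=22/tcp --permanent

# Allow one source IP (172.16.6.11) to reach port 22/tcp.
# No --zone is given here, so the rule goes into the default zone; confirm
# that it is the zone you expect with `firewall-cmd --get-default-zone`.
firewall-cmd --permanent \
  --add-rich-rule='rule family="ipv4" source address="172.16.6.11" port protocol="tcp" port="22" accept'

# Example: delete the rule that was just added.
# Skip this command if the restriction above is meant to stay in place.
firewall-cmd --permanent \
  --remove-rich-rule='rule family="ipv4" source address="172.16.6.11" port protocol="tcp" port="22" accept'

# Allow one source IP to reach every port.
# This trusts the host completely; prefer a port-scoped rule where possible.
firewall-cmd --permanent \
  --add-rich-rule='rule family="ipv4" source address="172.16.6.11" accept'

# Reload so the permanent configuration becomes the running configuration.
# When working over SSH, make sure an allow rule for your own address is in
# the permanent configuration before reloading, or the session may be cut off.
firewall-cmd --reload

# Review the resulting rules.
firewall-cmd --zone=public --list-all
firewall-cmd --zone=public --list-rich-rules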