linux开放或限制端口和ip访问

#Step1:删除原有的3306端口访问规则
firewall-cmd --permanent --remove-port=3306/tcp

 

#Step2:添加富规则
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address=" 192.168.1.100" port protocol="tcp" port="3306" accept"
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="127.0.0.1" port protocol="tcp" port="3306" accept"

#网段

firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="192.168.12.0/24" port protocol="tcp" port="3306" accept"

 

#Step3:生效规则
firewall-cmd --reload

#Step4:查看结果
firewall-cmd --list-all 

firewall-cmd --list-rich-rules

 

#step4:删除富规则

firewall-cmd --remove-rich-rule 'rule family="ipv4" source address="192.168.1.0/24" port port="5236" protocol="tcp" accept' --permanent

posted @ 2022-01-12 15:01  青木流水  阅读(1108)  评论(0编辑  收藏  举报