1.查看防火墙状态
systemctl list-unit-files|grep firewalld.service
或
systemctl status firewalld.service
2.开启
systemctl start firewalld.service
3.停止
systemctl stop firewalld.service
4.重启
systemctl restart firewalld.service
5.开机启动
systemctl enable firewalld.service
6.开机禁止启动
systemctl disable firewalld.service
7.查看开机是否自启
systemctl is-enabled firewalld.service;echo $?
8.列举出所有开机自启服务
systemctl list-unit-files|grep enabled
9.查看已经开放端口
firewall-cmd --list-ports
10.添加开放端口(重启防火墙才生效)
firewall-cmd --zone=public --add-port=80/tcp --permanent
--zone 作用域
--add--port 添加端口号
--permanent 永久生效 不用的话重启机器失效
11.重启防火墙
firewall-cmd --reload
12.防火墙运行状态
firewall-cmd --state
