#### 查看是否安裝防火墻 ~~~ yum list | grep firewalld ~~~ #### 查看是否啟動 ~~~ ps -ef | grep firewalld ~~~ #### 安裝防火墻 ~~~ yum install firewalld ~~~ #### 啟動防火墻 ~~~ service firewalld start ~~~ #### 檢查狀態 ~~~ service firewalld status ~~~ #### 禁用或關閉防火墻 ~~~ service firewalld stop ~~~ #### 查看版本號 ~~~ firewall-cmd --version ~~~ ~~~ 0.4.4.4 ~~~ #### 查看幫助文檔 ~~~ firewall-cmd --help ~~~ #### 查看狀態 ~~~ firewall-cmd --state ~~~ ~~~ running //正在運行 ~~~ #### 查看防火墻區域和端口 ~~~ firewall-cmd --get-zones ~~~ ~~~ block dmz drop external home internal public trusted work 有這些區域,用空格隔開的. ~~~ #### 查看默認區域 ~~~ firewall-cmd --get-default-zone ~~~ ~~~ public ~~~ #### 列出所有區域配置情況 ~~~ firewall-cmd --list-all-zones ~~~ ~~~ block target: %%REJECT%% icmp-block-inversion: no interfaces: sources: services: ports: protocols: masquerade: no forward-ports: source-ports: icmp-blocks: rich rules: dmz target: default icmp-block-inversion: no interfaces: sources: services: ssh ports: protocols: masquerade: no forward-ports: source-ports: icmp-blocks: rich rules: drop target: DROP icmp-block-inversion: no interfaces: sources: services: ports: protocols: masquerade: no forward-ports: source-ports: icmp-blocks: rich rules: external target: default icmp-block-inversion: no interfaces: sources: services: ssh ports: protocols: masquerade: yes forward-ports: source-ports: icmp-blocks: rich rules: home target: default icmp-block-inversion: no interfaces: sources: services: ssh mdns samba-client dhcpv6-client ports: protocols: masquerade: no forward-ports: source-ports: icmp-blocks: rich rules: internal target: default icmp-block-inversion: no interfaces: sources: services: ssh mdns samba-client dhcpv6-client ports: protocols: masquerade: no forward-ports: source-ports: icmp-blocks: rich rules: public (active) target: default icmp-block-inversion: no interfaces: ens33 sources: services: ssh dhcpv6-client ports: protocols: masquerade: no forward-ports: source-ports: icmp-blocks: rich rules: trusted target: ACCEPT icmp-block-inversion: no interfaces: sources: services: ports: protocols: masquerade: no forward-ports: source-ports: icmp-blocks: rich rules: work target: default icmp-block-inversion: no interfaces: sources: services: ssh dhcpv6-client ports: protocols: masquerade: no forward-ports: source-ports: icmp-blocks: rich rules: ~~~