2025-12-27 11:44:50 +08:00

#firewall #linux
### Basic operations:
Configuring firewall-cmd
Show the version: `firewall-cmd --version`
Show help: `firewall-cmd --help`
Show the state: `firewall-cmd --state`
List all open ports: `firewall-cmd --zone=public --list-ports`
Reload the firewall rules: `firewall-cmd --reload`
Show the active zones: `firewall-cmd --get-active-zones`
Show the zone a given interface belongs to: `firewall-cmd --get-zone-of-interface=eth0`
Drop all packets: `firewall-cmd --panic-on`
Turn panic mode off: `firewall-cmd --panic-off`
Check whether panic mode is on: `firewall-cmd --query-panic`
Add a port: `firewall-cmd --zone=public --add-port=31702/tcp --permanent`
Reload: `firewall-cmd --reload`
Query a port: `firewall-cmd --zone=public --query-port=80/tcp`
Remove a port: `firewall-cmd --zone=public --remove-port=80/tcp --permanent`
Allow an IP range to access a port: `firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="192.168.3.1/16" port protocol="tcp" port="8383" accept'`
`firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="192.168.3.1/16" port protocol="tcp" port="18180" accept'`
`firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="192.168.3.1/16" port protocol="tcp" port="11434" accept'`
Forward local port 54320/tcp to 192.168.3.225:54321: `firewall-cmd --permanent --add-forward-port=port=54320:proto=tcp:toaddr=192.168.3.225:toport=54321`
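
The three allow rules above differ only in the port, so they can be generated from one validated template. The script below is an added example, not part of the original note: `is_uint`, `rich_rule` and `emit_commands` are hypothetical helper names, and it only prints the `firewall-cmd` lines for review instead of running them.

```shell
#!/bin/sh
# Added example, not part of the original note. Helper names are hypothetical.
# Prints the commands instead of running them, so they can be reviewed first.

# is_uint VALUE MAX: VALUE is a decimal integer in 0..MAX with no leading zero
is_uint() {
    case $1 in ''|*[!0-9]*|0?*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -le "$2" ]
}

# rich_rule CIDR PROTO PORT: print the rich-rule text, or fail on bad input
rich_rule() (
    src=$1 proto=$2 port=$3
    addr=${src%/*} prefix=${src#*/}
    [ "$addr/$prefix" = "$src" ] || exit 1       # exactly one "/"
    case $addr in *.*.*.*.*) exit 1 ;; esac      # more than three dots
    set -f; IFS=.; set -- $addr; IFS=' '         # split the address into octets
    [ "$#" -eq 4 ] || exit 1
    for octet in "$@"; do is_uint "$octet" 255 || exit 1; done
    is_uint "$prefix" 32 || exit 1
    case $proto in tcp|udp) ;; *) exit 1 ;; esac
    is_uint "$port" 65535 && [ "$port" -ge 1 ] || exit 1
    printf 'rule family="ipv4" source address="%s" port protocol="%s" port="%s" accept' \
        "$src" "$proto" "$port"
)

# emit_commands CIDR PROTO PORT...: print one permanent rule per port, then
# the reload that activates them. Nothing is printed if any port is rejected.
emit_commands() (
    cidr=$1 proto=$2; shift 2
    out=
    for p in "$@"; do
        rule=$(rich_rule "$cidr" "$proto" "$p") || { echo "rejected: $p" >&2; exit 1; }
        # Validated fields cannot contain a quote, so wrapping the rule in
        # single quotes keeps it one shell argument with its inner quotes.
        out="${out}firewall-cmd --permanent --add-rich-rule='${rule}'
"
    done
    printf '%sfirewall-cmd --reload\n' "$out"
)

# Values taken from the note. A /16 prefix matches 192.168.0.0-192.168.255.255.
emit_commands 192.168.3.1/16 tcp 8383 18180 11434
```

Rules added with `--permanent` are stored in the permanent configuration only, which is why the generated list ends with `firewall-cmd --reload`.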