Using the Linux firewalls iptables and firewalld

Pankaj kushwaha
Jun 19, 2020

iptables, the firewall on older Linux versions
Modify
Rules are changed mainly by editing the /etc/sysconfig/iptables file.

After modifying the file, restart the service: # service iptables restart

If there is no iptables file, execute the following commands
yum install -y iptables
yum install iptables-services

Firewall service operation
service iptables restart    # restart
service iptables start      # start
service iptables stop       # stop

The default firewall in CentOS 7 is firewalld
1. Basic use of firewalld
Start: systemctl start firewalld

Stop: systemctl stop firewalld

View status: systemctl status firewalld

Disable at boot: systemctl disable firewalld

Enable at boot: systemctl enable firewalld

2. systemctl is the main service management tool in CentOS 7; it combines the functions of the earlier service and chkconfig commands.
Start a service: systemctl start firewalld.service
Stop a service: systemctl stop firewalld.service
Restart a service: systemctl restart firewalld.service
Show the status of a service: systemctl status firewalld.service
Enable a service at boot: systemctl enable firewalld.service
Disable a service at boot: systemctl disable firewalld.service
Check whether a service is enabled at boot: systemctl is-enabled firewalld.service
List the services that are enabled at boot: systemctl list-unit-files | grep enabled
List the services that failed to start: systemctl --failed

3. Configure with firewall-cmd
View version: firewall-cmd --version

View help: firewall-cmd --help

Display state: firewall-cmd --state

View all open ports: firewall-cmd --zone=public --list-ports

Update firewall rules: firewall-cmd --reload

View zone information: firewall-cmd --get-active-zones

View the zone to which the specified interface belongs: firewall-cmd --get-zone-of-interface=eth0

Reject all packets: firewall-cmd --panic-on

Cancel rejection status: firewall-cmd --panic-off

Check whether packets are being rejected: firewall-cmd --query-panic

How to open a port
Add
firewall-cmd --zone=public --add-port=80/tcp --permanent
(--permanent makes the rule persistent; without this parameter the rule is lost after a restart. --zone sets the scope. --add-port=80/tcp adds the port, in the format port/protocol.)

Add port range
firewall-cmd --zone=public --add-port=80-100/tcp --permanent

Reload
firewall-cmd --reload

View
firewall-cmd --zone=public --query-port=80/tcp

View all
firewall-cmd --list-ports

Delete
firewall-cmd --zone=public --remove-port=80/tcp --permanent
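
Because of the --permanent behaviour described above, a port can be open now but lost at the next restart, or saved but inactive until firewall-cmd --reload runs. The following check is an added example, not part of the original article; the function names only_in and port_drift and the sample port lists are constructed for illustration.

```shell
#!/bin/sh
# Added example: find ports whose runtime and permanent firewalld state differ.
# Input is the space-separated "port/protocol" list that --list-ports prints.
# Entries are compared as text, so "80/tcp" and "80-100/tcp" count as different.

# only_in A B: print each entry of list A that does not appear in list B.
only_in() {
    b=" $(echo $2) "              # unquoted on purpose: collapses whitespace
    for entry in $1; do
        case "$b" in
            *" $entry "*) ;;      # present in both lists
            *) echo "$entry" ;;
        esac
    done
}

# port_drift RUNTIME PERMANENT
#   runtime-only   : open now, gone after the next reload or restart
#   permanent-only : saved, but not active until "firewall-cmd --reload"
# Returns 0 when both lists match and 1 when any drift is found.
port_drift() {
    runtime_only=$(only_in "$1" "$2")
    permanent_only=$(only_in "$2" "$1")
    for e in $runtime_only; do echo "runtime-only $e"; done
    for e in $permanent_only; do echo "permanent-only $e"; done
    [ -z "$runtime_only$permanent_only" ]
}

# On a live host (assumes the "public" zone used in the article):
#   port_drift "$(firewall-cmd --zone=public --list-ports)" \
#              "$(firewall-cmd --permanent --zone=public --list-ports)"

# Constructed sample: 8080/tcp was added without --permanent, and
# 80-100/tcp was added with --permanent but no reload has happened yet.
sample_runtime="80/tcp 8080/tcp"
sample_permanent="80/tcp 80-100/tcp"
port_drift "$sample_runtime" "$sample_permanent" || echo "drift detected"
```

A non-zero exit status makes the function usable in a cron job or configuration check that should alert when the two states diverge.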
