Centos8 firewall防火墙关闭/开启，开机关闭/开启、打开关闭端口

1.firewall防火墙状态查看

firewall-cmd --state

[root@localhost qjy]# firewall-cmd --state
running

2.firewall防火墙关闭

注意：是关闭firewalld.service，

systemctl stop firewalld.service

[root@localhost qjy]# systemctl stop firewalld.service
[root@localhost qjy]# firewall-cmd --state
not running

3.firewall防火墙开启

systemctl start firewalld.service

[root@localhost qjy]# systemctl start firewalld.service
[root@localhost qjy]# firewall-cmd --state
running

4.firewall防火墙开机自启开启

systemctl enable firewalld.service

[root@localhost qjy]# systemctl enable firewalld.service
Created symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service → /usr/lib/systemd/system/firewalld.service.
Created symlink /etc/systemd/system/multi-user.target.wants/firewalld.service → /usr/lib/systemd/system/firewalld.service.

5.firewall防火墙开机关闭

systemctl disable firewalld.service

[root@localhost qjy]# systemctl disable firewalld.service
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.

CentOS7使用的是firewall防火墙，不再是原来的iptables

1：查看firewall防火墙状态

    firewall-cmd --state

    或者

    systemctl status firewalld

2：打开防火墙

    systemctl start firewalld

3：关闭防火墙

    systemctl stop firewalld

4：重启防火墙

    firewall-cmd --relaod

    或者

    systemctl reload firewalld

5：开机自启动防火墙

    systemctl enable firewalld

6：禁止开机启动防火墙

    systemctl disable firewalld

6：查看已打开的端口

    firewall-cmd --list-ports

7：打开端口

    firewall-cmd --permanent --zone=public --add-port=8080/tcp

    其中permanent表示永久生效，public表示作用域，8080/tcp表示端口和类型

8：关闭端口

    firewall-cmd --permanent --zone=public --remove-port=8080/tcp

9：防火墙重载

    添加端口或者删除端口之后用这个命令重载才会生效

    firewall-cmd --reload