firewall-cmd 规则新建与删除

firewall-cmd  --get-zone  拿一个区域

firewall-cmd  --zone=trusted   --list-all查看指定区域下的规则

root@cpu:~# firewall-cmd  --zone=trusted --list-all
trusted (active)
  target: ACCEPT
  icmp-block-inversion: no
  interfaces: ens33 ens34 ens35
  sources: 
  services: 
  ports: 
  protocols: 
  forward: yes
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 

root@cpu:~# firewall-cmd  --zone=trusted  --add-forward-port=port=8888:proto=tcp:toport=22:toaddr=192.168.1.10
success
root@cpu:~# firewall-cmd  --zone=trusted  --list-all
trusted (active)
  target: ACCEPT
  icmp-block-inversion: no
  interfaces: ens33 ens34 ens35
  sources: 
  services: 
  ports: 
  protocols: 
  forward: yes
  masquerade: no
  forward-ports: 
	port=8888:proto=tcp:toport=22:toaddr=192.168.1.10
  source-ports: 
  icmp-blocks: 
  rich rules: 

firewall-cmd   --zone=trusted  --add-forward-port=port=8888:proto=tcp:toport=22;toadd=192.168.1.10

--remove-forward-port  --remove-port