CentOS 7

查看防火墙状态

1	`systemctl status firewalld`

开启防火墙

1	`systemctl start firewalld`

防火墙开机自启

1	`systemctl enable firewalld`

关闭防火墙

1	`systemctl stop firewalld`

永久关闭防火墙

1	`systemctl disable firewalld`

重载防火墙 （修改规则后都需要重载才能生效）

1	`firewall-cmd --reload`

开放端口

1	`firewall-cmd --zone=public --add-port=22/tcp --permanent`

限制端口

1	`firewall-cmd --zone=public --remove-port=22/tcp --permanent`

批量开放端口

1	`firewall-cmd --zone=public --add-port=100-500/tcp --permanent`

批量限制端口

1	`firewall-cmd --zone=public --remove-port=100-500/tcp --permanent`

查看放开的所有端口

1	`firewall-cmd --zone=public --list-ports`

限制IP地址访问

1	`firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="10.0.0.0/24" port protocol="tcp" port="80" reject"`

解除IP地址限制

1	`firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="10.0.0.0/24" port protocol="tcp" port="80" accept"`

查看设置防火墙规则

1	`firewall-cmd --zone=public --list-rich-rules`

Ubuntu 20.04

查看防火墙状态

1	`ufw status`

启用防火墙

1	`ufw enable`

禁用防火墙

1	`ufw disable`

重载防火墙

1	`ufw reload`

开放单个端口

1	`ufw allow 80`

开放端口区间

1	`ufw allow 80:90/tcp`

限制端口

1	`ufw deny 80`

关闭端口

1	`ufw delete allow 20`

允许外部访问

1	`ufw default allow`

拒绝外部访问

1	`ufw default deny`

允许IP地址访问所有端口

1	`ufw allow from 192.168..`

拒绝IP地址访问所有端口

1	`ufw delete allow from 192.168..`

允许指定IP访问端口

1	`ufw allow from 192.168.121.2 to any port 3306`

关闭指定IP访问端口

1	`ufw delete allow from 192.168.121.2 to any port 3306`

运维

#Linux #运维

Linux常用命令速查-资源篇上一篇