Basic Linux firewall operations

Debian ufw

ufw is a firewall program that is very convenient to use.

Enable the firewall: ufw enable

Add a firewall rule: ufw allow 80/tcp

List the firewall rules: ufw status numbered

Delete a firewall rule: ufw delete <rule number>

Reload the firewall: ufw reload

Disable the firewall: ufw disable

Block ping with ufw: edit before.rules, usually located at /etc/ufw/before.rules, find the icmp echo-request entries and change them to DROP
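
ufw renumbers the remaining rules after every ufw delete <rule number>, so deleting several rules by number is only safe from the highest number down. The following is an added example, not part of the original page: the function names (sample_status, rule_numbers_desc, delete_plan) are hypothetical and the status output is a constructed sample of the ufw status numbered layout.

```shell
#!/bin/sh
# Constructed sample of `ufw status numbered` output (not from a real host).
sample_status() {
cat <<'EOF'
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere
[ 2] 80/tcp                     ALLOW IN    Anywhere
[ 3] 443/tcp                    ALLOW IN    Anywhere
[ 4] 22/tcp (v6)                ALLOW IN    Anywhere (v6)
[ 5] 80/tcp (v6)                ALLOW IN    Anywhere (v6)
[ 6] 443/tcp (v6)               ALLOW IN    Anywhere (v6)
EOF
}

# rule_numbers_desc TARGET
# Reads `ufw status numbered` output on stdin and prints the numbers of all
# rules whose "To" column equals TARGET (IPv4 and "(v6)" entries), highest first.
rule_numbers_desc() {
    awk -v target="$1" '
        /^\[ *[0-9]+\]/ {
            line = $0
            sub(/^\[ */, "", line)            # drop "[" and its padding
            num = line; sub(/\].*/, "", num)  # keep only the rule number
            sub(/^[0-9]+\] */, "", line)      # rest starts at the To column
            split(line, f, /  +/)             # columns are 2+ spaces apart
            to = f[1]; sub(/ \(v6\)$/, "", to)
            if (to == target) print num
        }' | sort -rn
}

# delete_plan TARGET
# Prints the delete commands in an order that stays valid while ufw
# renumbers: removing rule 5 first leaves rule 2 where it was.
delete_plan() {
    rule_numbers_desc "$1" | while read -r n; do
        echo "ufw delete $n"
    done
}

# Demo on the constructed sample; on a real host pipe `ufw status numbered` in.
sample_status | delete_plan 80/tcp
```

Review the printed plan before running it, and list the rules again afterwards to confirm the result.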

CentOS7 firewall-cmd

systemctl enable firewalld

Block ping (this rich rule drops all ICMP traffic, not only echo requests)
firewall-cmd --permanent --add-rich-rule='rule protocol value=icmp drop'

List open ports
firewall-cmd --list-ports

Open ports
firewall-cmd --zone=public --permanent --add-port=80/tcp
firewall-cmd --zone=public --permanent --add-port=443/tcp

Allow services

firewall-cmd --zone=public --permanent --add-service=https
firewall-cmd --zone=public --permanent --add-service=http

Remove a port
firewall-cmd --zone=public --permanent --remove-port=8080/tcp

Remove a service
firewall-cmd --zone=public --permanent --remove-service=http

Add a port range
firewall-cmd --permanent --zone=public --add-port=8080-8081/tcp

Show the current default zone
firewall-cmd --get-default-zone

Set the default zone
firewall-cmd --set-default-zone=public

Reload the firewall (required after changing the configuration)
firewall-cmd --reload

Parameter notes
1. firewall-cmd: the tool Linux provides for operating the firewall;
2. --permanent: makes the setting persistent;
3. --add-port: specifies the port to add;
