Debian ufw
ufw是个使用很方便的防火墙程序
启动防火墙:ufw enable
增加防火墙规则:ufw allow 80/tcp
查看防火墙规则:ufw status numbered
删除防火墙规则:ufw delete <规则号>
重新加载防火墙:ufw reload
停止防火墙:ufw disable
用ufw禁止ping:修改before.rules,通常路径在/etc/ufw/before.rules,找到imcp-echo-request相关内容,改为DROP
CentOS7 firewall-cmd
systemctl enable firewalld
禁止ping
firewall-cmd –permanent –add-rich-rule=’rule protocol value=icmp drop’
查询开放端口
firewall-cmd –list-ports
开放端口
firewall-cmd –zone=public –permanent –add-port=80/tcp
firewall-cmd –zone=public –permanent –add-port=443/tcp
开放服务
firewall-cmd –zone=public –permanent –add-service=https
firewall-cmd –zone=public –permanent –add-service=http
移除端口
firewall-cmd –zone=public –permanent –remove-port=8080/tcp
移除服务
firewall-cmd –zone=public –permanent –remove-service=http
增加范围端口
firewall-cmd –permanent –zone=public –add-port=8080-8081/tcp
查看当前默认zone
firewall-cmd –get-default-zone
设置默认zone
firewall-cmd –set-default-zone=public
重加载防火墙(修改配置后要重加载防火墙)
firewall-cmd –reload
参数解释
1、firwall-cmd:是Linux提供的操作firewall的一个工具;
2、–permanent:表示设置为持久;
3、–add-port:标识添加的端口;