1、查看防火墙状态
systemctl status firewalld 或者?firewall-cmd --state
2、开启防火墙
systemctl start firewalld?
3、开机自启
systemctl enable firewalld
4、关闭防火墙
systemctl stop firewalld
5、防火墙添加开放端口
firewall-cmd --permanent --zone=public --add-port=8080/tcp
6、针对ip开放某个端口
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="127.0.0.1" port protocol="tcp" port="8080" accept"
7、防火墙移除端口
firewall-cmd --permanent --zone=public --remove-port=8080/tcp
8、关闭ip开放某个端口
firewall-cmd --permanent --remove-rich-rule="rule family="ipv4" source address="127.0.0.1" port protocol="tcp" port="8080" accept"
9、查看当前所有策略
firewall-cmd --list-all
10、端口转发
firewall-cmd --zone=public --add-forward-port=port=22:proto=tcp:toport=3753:toaddr=127.0.0.1