firewalld commands
linux firewall
List the active zones (zones that currently have an interface or source bound to them)
# firewall-cmd --get-active-zones
public
interfaces: eth0
Add a port rule (--permanent writes only the stored configuration; the rule takes effect after --reload)
# firewall-cmd --zone=public --add-port=443/tcp --permanent
success
# firewall-cmd --reload
success
Remove port rules (changes to the permanent configuration; applied by the --reload that follows)
# firewall-cmd --zone=public --remove-port=5000/tcp --permanent
success
# firewall-cmd --zone=public --remove-port=5001/tcp --permanent
success
# firewall-cmd --reload
success
Add a service rule (a service is a named, predefined set of ports/protocols)
# firewall-cmd --zone=public --add-service=ssh --permanent
success
# firewall-cmd --reload
success
List the rules (shows the zone's runtime configuration; add --permanent to see the stored configuration)
# firewall-cmd --info-zone=public
public (active)
target: default
icmp-block-inversion: no
interfaces: eth0
sources:
services: ssh dhcpv6-client
ports: 1891/tcp 80/tcp 443/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
Enable logging of denied packets (entries are written to the kernel log)
# firewall-cmd --get-log-denied   (shows the current log-denied setting)
off
# firewall-cmd --set-log-denied=all   (accepted values: all, unicast, broadcast, multicast, off)
success