「CentOS7入門」firewalldの基本利用方法
1.firewalld稼働状況確認
# firewall-cmd –state
running
2.systemctl稼働状況の確認
# systemctl status firewalld
* firewalld.service – firewalld – dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2018-12-06 09:33:48 JST; 2 weeks 0 days ago
Docs: man:firewalld(1)
Main PID: 30249 (firewalld)
CGroup: /system.slice/firewalld.service
`-30249 /usr/bin/python -Es /usr/sbin/firewalld –nofork –nopid
Dec 06 09:33:48 xxxx systemd[1]: Starting firewalld …
Dec 06 09:33:48 xxxx systemd[1]: Started firewalld -…
Hint: Some lines were ellipsized, use -l to show in full.
3.ゾーンの設定状態
# firewall-cmd –list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: eth0
sources:
services: dhcpv6-client http ssh
ports: 8080/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
4.httpをpublic ゾーンに追加
# firewall-cmd –zone=public –add-service=http
success
5.firewalldの起動、停止
# systemctl start firewalld
# systemctl stop firewalld