Rocky Linux 8.4でのfirewalld設定方法
1.firewalldの現在の設定を確認する(--zone を指定しない場合はデフォルトゾーンの設定が表示される)
[root@localhost ~]# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: ens33
sources:
services: cockpit dhcpv6-client ntp ssh
ports:
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
2.HTTP(80/tcp)を許可する(--zone を指定していないため、デフォルトゾーンである public に追加される)
[root@localhost ~]# firewall-cmd --add-port=80/tcp --permanent
success
HTTPS(443/tcp)を許可する
[root@localhost ~]# firewall-cmd --add-port=443/tcp --permanent
success
設定を読み込む(--permanent で追加した設定は、reload するまで実行中のファイアウォールには反映されない)
[root@localhost ~]# firewall-cmd --reload
success
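3.firewalldの設定を確認する
ports に 80/tcp と 443/tcp が追加されていることを確認する。あわせて、services に残っている cockpit など、公開する必要のないサービスが public ゾーンで許可されたままになっていないかも見直す。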
[root@localhost ~]# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: ens33
sources:
services: cockpit dhcpv6-client ntp ssh
ports: 80/tcp 443/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules: