service firewalld start 启动防火漆firewall-cmd --list-all 查看防火墙 firewall-cmd --permanent --add-port=80/tcp 开放指定端口 firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="192.168.1.93" port protocol="tcp" port="80" accept" 允许指定ip地址访问指定端口 service firewalld reload 保存配置并生效 查看生成的配置文件: vim /etc/firewalld/zones/public.xml <?xml version="1.0" encoding="utf-8"?><zone> <short>Public</short> <description>For use in public areas. You do not trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted.</description> <service name="ssh"/> <service name="dhcpv6-client"/> <service name="ftp"/> <port protocol="tcp" port="443"/> <port protocol="tcp" port="5918"/> <port protocol="tcp" port="9200"/> <port protocol="tcp" port="9300"/> <port protocol="tcp" port="3306"/> <rule family="ipv4"> <source address="192.168.1.93"/> <port protocol="tcp" port="80"/> <accept/> </rule></zone>
转载于:https://www.cnblogs.com/lbqiang/p/9596934.html
