1、防火墙启动、状态、开机自启
systemctl start firewalld
systemctl status firewalld
systemctl is-enabled firewalld
systemctl enabled firewalld
2、防火墙伪IP开启
firewall-cmd --add-masquerade --permanent
3、防火墙开放端口
firewall-cmd --zone=public --add-port=60001/tcp --permanent
4、防火墙永久转发
firewall-cmd --add-forward-port=port=60001:proto=tcp:toaddr=10.3.67.205:toport=85 --permanent
5、防火墙永久删除
firewall-cmd --remove-forward-port=port=60025:proto=tcp:toaddr=10.3.75.200:toport=3306 --permanent
6、防火墙临时转发,重启则无
firewall-cmd --add-forward-port=port=60023:proto=tcp:toaddr=10.64.28.32:toport=3306
7、防火墙生效,既有链接不会断开,每次修改完都需执行如下生效命令。
firewall-cmd --reload
8、查看防火墙转发列表
firewall-cmd --list-all
来源:CSDN
作者:Little world1102
链接:https://blog.csdn.net/sinat_36418208/article/details/103916189