配置 firewalld centos7

systemctl

systemctl start firewalld
systemctl status firewalld 
systemctl disable firewalld
systemctl stop firewalld

firewalld-cmd

#  版本
firewall-cmd --version

#  帮助
firewall-cmd --help

#  状态
firewall-cmd --state

#  查看开方的端口 
firewall-cmd --zone=public --list-ports

#  重载
firewall-cmd --reload

#  活动网卡
firewall-cmd --get-active-zones

#  指定某个网卡
firewall-cmd --get-zone-of-interface=ens33

#  拒绝所有包
firewall-cmd --panic-on

#  取消拒绝状态
firewall-cmd --panic-off

#  查看是否拒绝
firewall-cmd --query-panic

#  开启一个端口 
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --zone=public --add-port=123/udp --permanent
firewall-cmd --reload

#  查看
firewall-cmd --zone=public --query-port=80/tcp

#  删除
firewall-cmd --zone=public --remove-port=80/tcp --permanent