Travis —  June 13, 2015 — Leave a comment

One of the most common things I do on Linux machines is open ports to test software in a development environment.  In the past, that meant trying to remember (and Googling) cryptic iptables commands.  Now, CentOS 7 and Red Hat 7 include the nicer firewall-cmd tool to configure the firewall.

First, ensure the firewall-cmd service is running:

[root@localhost ~]# systemctl status firewalld

firewalld.service - firewalld - dynamic firewall daemon

Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)

Active: active (running) since Thu 2015-04-09 18:08:33 EDT; 2 months 3 days ago

Main PID: 642 (firewalld)

CGroup: /system.slice/firewalld.service

└─642 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid

Apr 09 18:08:33 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon.

[root@localhost ~]#

Now, the following command will open port 8080 for TCP traffic, for the current session only:

[root@localhost ~]# firewall-cmd --zone=public --add-port=8080/tcp

success

If you want to make the change persist across reboots, you can add the --permanent flag, and then do a --reload to make the change take effect in the current session.

[root@localhost ~]# firewall-cmd --zone=public --add-port=8080/tcp --permanent

success

[root@localhost ~]# firewall-cmd --reload

success

Now port 8080 should be open.  To verify, you can run with --list-all and look at the list of ports:

[root@localhost ~]# firewall-cmd --zone=public --list-all

public (default)

interfaces:

sources:

services: dhcpv6-client ssh

ports: 8080/tcp

masquerade: no

forward-ports:

icmp-blocks:

rich rules:

If you want to remove port 8080, you would use the --remove-port flag, with the --permanent flag if you want to persist the change:

[root@localhost ~]# firewall-cmd --zone=public --remove-port=8080/tcp --permanent

success

[root@localhost ~]# firewall-cmd --reload

success

You can use --list-all again to verify that the port has been removed:

[root@localhost ~]# firewall-cmd --zone=public --list-all

public (default)

interfaces:

sources:

services: dhcpv6-client ssh

ports:

masquerade: no

forward-ports:

icmp-blocks:

rich rules:

This is a very quick introduction to firewall-cmd.  There is much more to learn, but this is a quick, basic task that I find myself doing frequently.

转载自:http://www.linuxbrigade.com/centos-7-rhel-7-open-ports/

CentOS 7 / RHEL 7 – Open ports的更多相关文章

  1. CentOS 7 / RHEL 7 上安装 LAMP + phpMyAdmin

    原文 CentOS 7 / RHEL 7 上安装 LAMP + phpMyAdmin 发表于 2014-11-02 作者 Haoxian Zeng 更新于 2014-12-12   之前根据在 Lin ...

  2. 在CentOS或RHEL上安装Nux Dextop仓库

    介绍 Nux Dextop是类似CentOS.RHEL.ScientificLinux的第三方RPM仓库(比如:Ardour,Shutter等等).目前,Nux Dextop对CentOS/RHEL ...

  3. CentOS 7 (RHEL 7)服务管理命令的变化

    CentOS 7 (RHEL 7)带来了新的服务管理命令,为了保持兼容原有的命令仍可以使用,以下是新旧命令的对照. 启动.停止.重启.重载.检查服务:6: service httpd start|st ...

  4. 在CentOS或RHEL防火墙上开启端口

    转载自:https://linux.cn/article-4243-1.html 如果希望在服务器上提供服务,诸如CentOS或RHEL的企业级Linux发行版包含内置的强大防火墙,它们默认的防火墙规 ...

  5. CentOS 7 /RHEL 7: How To Change The System Locale

    The system localeare used to control the language setting of system services and the UI before the u ...

  6. centos install shutter (How to enable Nux Dextop repository on CentOS or RHEL)

    http://ask.xmodulo.com/enable-nux-dextop-repository-centos-rhel.html Question: I would like to insta ...

  7. Ajaxterm-0.10-8.el5.noarch.rpm CentOS 5 (RHEL 5) Download

    Ajaxterm-0.10-8.el5.noarch.rpm CentOS 5 (RHEL 5) Download Install Howto Download the latest epel-rel ...

  8. 如何在CentOS或者RHEL上启用Nux Dextop仓库 安装shutter截图工具

    Nux Dextop是一个面对CentOS.RHEL.ScientificLinux的含有许多流行的桌面和多媒体相关的包的第三方RPM仓库(比如:Ardour,Shutter等等).目前,Nux De ...

  9. Linux系统忘记管理员密码(CentOS、RHEL、Ubuntu)

    Linux系统忘记管理员密码(CentOS.RHEL.Ubuntu) 系统使用过程中,尤其是生产环境中.万一忘记管理员密码,该怎么办?是不是很绝望? 1.RHEL 7.0 重启主机进入引导界面键入e键 ...

随机推荐

  1. SSR———团队作业:小型论坛的设计与初步实现

    小型论坛的设计与初步实现 这次团队作业,我们设计的是一个小型论坛,作为团队中的一员,我主要负责对用户进行需求调研与对用户体验的过程拍摄总结,力求我们的项目在力所能及的范围内更加完美 视频:   度盘链 ...

  2. 成为一个高效的web开发人员,只需要三步

    想成为一名专业的web开发人员并不像你想象的那么容易,开发人员在开发自己的web项目时常常需要牢记很多东西,他们要不断寻找新理念,新创意,在特定时间内开发出高质量的产品,一名优秀的程序员必须明白时间的 ...

  3. 【杂记】JavaScript篇

    35.jquery中ifram子窗体调用父窗体方法.父窗体调用子窗体方法 //调用子窗体中的方法. ].contentWindow;//获取子窗体的window对象 childWindow.subFo ...

  4. DataList 用法详解

    <%@ Page Language="C#" AutoEventWireup="true" CodeBehind="DataList.aspx. ...

  5. C#正则表达式判断输入日期格式是否正确

      /// <summary>        /// 是否为日期型字符串        /// </summary>        /// <param name=&qu ...

  6. 化繁为简,最简易的SqlDataSource配合Cache使用~

    最近一个小项目用了比较方便傻瓜的DevExpress控件,实践中DevExpress的控件确实很方便. 在用ASPxGridView控件的时候,为了偷懒结合了SqlDataSource使用,但一直在大 ...

  7. Leetcode: Concatenated Words

    Given a list of words, please write a program that returns all concatenated words in the given list ...

  8. XPath、XQuery 以及 XSLT 函数

    存取函数 名称 说明 fn:node-name(node) 返回参数节点的节点名称. fn:nilled(node) 返回是否拒绝参数节点的布尔值. fn:data(item.item,...) 接受 ...

  9. How to use umbraco datetime property editor

    When I was using Umbraco datetime property editor, I met with a problem that the editor must be firs ...

  10. hdu5715 XOR 游戏 [2016百度之星复赛D题]

     比赛的时候没仔细想,赛后一想这题其实挺简单的,先求出序列的异或前缀和,然后将异或前缀和建出一颗trie树,然后我们可以二分答案,把问题变成判定性问题,判定是否存在一种方案,使得所有的分组的异或和都大 ...