可先透過 https://wiki.centos.org/zh-tw/FAQ/CentOS7 來了解 CentOS7 和之前版本的一些差異
yum install net-tools
firewall-cmd --get-default-zone
firewall-cmd --zone=iredmail --list-services
firewall-cmd --zone=iredmail --add-service=mysql
firewall-cmd --zone=iredmail --permanent --list-services
firewall-cmd --zone=iredmail --permanent --add-service=snmp
firewall-cmd --complete-reload
讓設定生效
[root@jonathan-vm1 ~]# firewall-cmd --get-default-zone FirewallD is not running [root@jonathan-vm1 ~]# systemctl start firewalld [root@jonathan-vm1 ~]# systemctl enable firewalld Created symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service → /usr/lib/systemd/system/firewalld.service. Created symlink /etc/systemd/system/multi-user.target.wants/firewalld.service → /usr/lib/systemd/system/firewalld.service. [root@jonathan-vm1 ~]# firewall-cmd --get-default-zone public [root@jonathan-vm1 ~]# firewall-cmd --list-services cockpit dhcpv6-client ssh [root@jonathan-vm1 ~]# systemctl stop firewalld [root@jonathan-vm1 ~]# systemctl disable firewalld Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. Removed /etc/systemd/system/multi-user.target.wants/firewalld.service. [root@jonathan-vm1 ~]# systemctl list-unit-files | grep firewalld firewalld.service disabled
ss -l -n
Exp. 看 SMTP 25 port
# ss -l -n | grep 25 tcp LISTEN 0 100 *:25 *:* tcp LISTEN 0 100 :::25 :::*
ss -t -n
Exp. 看 IMAP port 143 連線
# ss -t -n | grep 143 ESTAB 0 0 192.168.0.236:143 60.248.245.172:56450 ESTAB 0 0 192.168.0.236:143 192.168.0.2:51137 ESTAB 0 0 192.168.0.236:143 192.168.0.254:14983 ESTAB 0 0 192.168.0.236:143 192.168.0.254:14902 : ESTAB 0 0 192.168.0.236:143 60.248.245.172:62832
: BOOTPROTO=static IPADDR=192.168.1.28 NETMASK=255.255.255.0 GATEWAY=192.168.1.254 : DNS1=192.168.1.254 DNS2=101.101.101.101
systemctl restart network.service
ip a ip route list
nmcli con mod eth0 ipv4.dns "192.168.11.242 168.95.192.1" nmcli con up eth0
: net.ipv6.conf.all.disable_ipv6 = 1 net.ipv6.conf.default.disable_ipv6 = 1
sysctl -p