差異處

這裏顯示兩個版本的差異處。

--- tech:centos7_network [2021/01/16 14:40] – 更換 plugin jonathan
+++ tech:centos7_network [2021/09/11 14:57] (目前版本) – [FirewallD (取代 iptables)] jonathan
@@ 行 100: / 行 100: @@
   * 查看永久開放的服務 <code sh>firewall-cmd --zone=iredmail --permanent --list-services</code>
   * 新增永久開放的服務 <code sh>firewall-cmd --zone=iredmail --permanent --add-service=snmp</code>
 <note>
   * 如果是直接修改 /etc/firewalld/services/ 或 /etc/firewalld/zones/ 裡面的設定檔
@@ 行 108: / 行 107: @@
 </code>讓設定生效
 </note>
+  * 啟用與關閉 firewalld <cli>
+[root@jonathan-vm1 ~]# firewall-cmd --get-default-zone
+FirewallD is not running
+[root@jonathan-vm1 ~]# systemctl start firewalld
+[root@jonathan-vm1 ~]# systemctl enable firewalld
+Created symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service → /usr/lib/systemd/system/firewalld.service.
+Created symlink /etc/systemd/system/multi-user.target.wants/firewalld.service → /usr/lib/systemd/system/firewalld.service.
+[root@jonathan-vm1 ~]# firewall-cmd --get-default-zone
+public
+[root@jonathan-vm1 ~]# firewall-cmd --list-services
+cockpit dhcpv6-client ssh
+[root@jonathan-vm1 ~]# systemctl stop firewalld
+[root@jonathan-vm1 ~]# systemctl disable firewalld
+Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
+Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
+[root@jonathan-vm1 ~]# systemctl list-unit-files | grep firewalld
+firewalld.service                                                disabled
+</cli>
 ===== netstat 的替代語法 ss =====