防火墙设置
允许指定ip+端口访问
bash
firewall-cmd --permanent --add-rich-rule="rule family="ipv4" source address="192.168.1.1" port protocol="tcp" port="80" accept"允许指定ip
bash
firewall-cmd --add-source=192.168.20.0/24 --permanent --zone=trusted或
bash
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="11.0.44.240/29" accept'或
bash
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="192.168.1.100" accept'或可以指定名称,以便于用来修改规则时删规则除用
bash
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="192.168.1.100" accept' --name='ALLOW_IP_192_168_1_100'删除规则
bash
firewall-cmd --permanent --remove-rich-rule='rule family="ipv4" source address="192.168.1.100" accept' --name='ALLOW_IP_192_168_1_100'以上命令完成后均需重新加载
重新加载防火墙规则
bash
firewall-cmd --reload检查规则是否正确添加
bash
firewall-cmd --list-all