firewalld commands

Disable (do not start at boot)
systemctl disable firewalld
Enable (start at boot)
systemctl enable firewalld
Start
systemctl start firewalld
Stop
systemctl stop firewalld
Restart
systemctl restart firewalld
Reload configuration
firewall-cmd --reload

Firewall configuration file for opening ports: /etc/firewalld/zones/public.xml

<?xml version="1.0" encoding="utf-8"?>
<zone>
  <short>Public</short>
  <description>For use in public areas. You do not trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted.</description>
  <service name="ssh"/>
  <service name="dhcpv6-client"/>
  <port protocol="tcp" port="22"/>
  <port protocol="tcp" port="16000"/>
</zone>

Trusted IP address configuration: /etc/firewalld/zones/trusted.xml

<?xml version="1.0" encoding="utf-8"?>
<zone target="ACCEPT">
  <short>Trusted</short>
  <description>All network connections are accepted.</description>
  <source address="10.8.0.0/24"/>
  <source address="192.168.1.7"/>
</zone>
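
To review what the two zone files above actually let in, the following added example (not part of the original notes) parses a zone file and lists the points worth checking. The function name audit_zone and the SERVICE_PORTS table are assumptions made for this sketch; the sample XML is constructed from the files on this page.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Ports opened by firewalld's predefined services (assumes unmodified definitions);
# only the two services used on this page are listed.
SERVICE_PORTS = {"ssh": {("22", "tcp")}, "dhcpv6-client": {("546", "udp")}}

# Constructed samples mirroring the two zone files on this page (descriptions omitted).
PUBLIC_XML = b"""<?xml version="1.0" encoding="utf-8"?>
<zone>
  <short>Public</short>
  <service name="ssh"/>
  <service name="dhcpv6-client"/>
  <port protocol="tcp" port="22"/>
  <port protocol="tcp" port="16000"/>
</zone>"""
TRUSTED_XML = b"""<?xml version="1.0" encoding="utf-8"?>
<zone target="ACCEPT">
  <short>Trusted</short>
  <source address="10.8.0.0/24"/>
  <source address="192.168.1.7"/>
</zone>"""

def audit_zone(xml_bytes):
    """Summarise what a firewalld zone file lets in and note points to review."""
    zone = ET.fromstring(xml_bytes)
    target = zone.get("target", "default")  # no attribute means the default target
    services = [s.get("name") for s in zone.findall("service")]
    ports = [(p.get("port"), p.get("protocol")) for p in zone.findall("port")]
    sources = [s.get("address") for s in zone.findall("source") if s.get("address")]
    covered = set().union(*(SERVICE_PORTS.get(s, set()) for s in services))
    findings = []
    for port, proto in ports:
        if (port, proto) in covered:
            findings.append(f"{port}/{proto} duplicates a listed service")
        else:
            findings.append(f"{port}/{proto} opened by number: confirm what listens there")
    if target == "ACCEPT":  # every source bound to this zone is accepted on all ports
        for addr in sources:
            size = ipaddress.ip_network(addr, strict=False).num_addresses
            findings.append(f"{addr}: all traffic accepted from {size} address(es)")
    return {"target": target, "services": services, "ports": ports,
            "sources": sources, "findings": findings}

if __name__ == "__main__":
    for name, xml in (("public", PUBLIC_XML), ("trusted", TRUSTED_XML)):
        report = audit_zone(xml)
        print(name, report["target"], *report["findings"], sep="\n  ")
```

On a live host, pass the bytes read from /etc/firewalld/zones/public.xml or trusted.xml instead of the embedded samples.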