admin管理员组文章数量:1642346
firewall-cmd --set-default-zone=trusted #切换默认管理区域,允许全部通过
firewall-cmd --permanent --add-rich-rule='rule family=ipv4 source address=0.0.0.0/0 port protocol=tcp port=2379 reject'
firewall-cmd --permanent --add-rich-rule='rule family=ipv4 source address=0.0.0.0/0 port protocol=tcp port=2380 reject'
firewall-cmd --permanent --add-rich-rule='rule family=ipv4 source address=0.0.0.0/0 port protocol=tcp port=6443 reject'
firewall-cmd --permanent --add-rich-rule='rule family=ipv4 source address=0.0.0.0/0 port protocol=tcp port=10257 reject'
firewall-cmd --permanent --add-rich-rule='rule family=ipv4 source address=0.0.0.0/0 port protocol=tcp port=10259 reject'
加载配置使生效(不执行则规则不生效)
firewall-cmd --reload
[root@master weihu]# firewall-cmd --list-all
trusted (active)
target: ACCEPT
icmp-block-inversion: no
interfaces: eth0
sources:
services:
ports:
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
rule family="ipv4" source address="0.0.0.0/0" port port="2379" protocol="tcp" reject
rule family="ipv4" source address="0.0.0.0/0" port port="2380" protocol="tcp" reject
rule family="ipv4" source address="0.0.0.0/0" port port="6443" protocol="tcp" reject
rule family="ipv4" source address="0.0.0.0/0" port port="10257" protocol="tcp" reject
rule family="ipv4" source address="0.0.0.0/0" port port="10259" protocol="tcp" reject
版权声明:本文标题:firewall-cmd方式禁用个别端口 内容由热心网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:https://m.elefans.com/xitong/1729337697a1197196.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论