For server security, we usually need to turn the firewall on. Even if a security group is already configured in the server's management console, a firewall should still be set up on the server itself. This page records the process of enabling the firewall on CentOS.
1. Check firewall status
First, you can check the current status of the firewall. Run the following command in the terminal:
sudo systemctl status firewalld
If the firewall is already running, the output will include "active (running)".
2. Start firewall
If the firewall is not running, you can start it with the following command:
sudo systemctl start firewalld
3. Set the firewall to boot automatically
To ensure that the firewall starts automatically after the system restarts, run the following command:
sudo systemctl enable firewalld
4. Configure firewall rules
To configure firewall rules, use the firewall-cmd command. The following are some common examples of firewall operations:
Allow specific ports to pass through the firewall:
sudo firewall-cmd --zone=public --add-port=80/tcp --permanent
Allow specified services (such as SSH) to pass through the firewall:
sudo firewall-cmd --zone=public --add-service=ssh --permanent
Remove a rule:
sudo firewall-cmd --zone=public --remove-port=80/tcp --permanent
5. Reload firewall configuration
Rules changed with --permanent are written to the saved configuration only, so after adding, modifying or deleting firewall rules you need to reload the firewall configuration for the changes to take effect:
sudo firewall-cmd --reload
Note that before changing any firewall configuration, we need to understand our network environment and security requirements, and operate carefully. Make a backup if necessary.
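The following script is an added example, not part of the original notes. It checks whether the rules from step 4 have actually taken effect by comparing the running rules of a zone with the saved (--permanent) ones, using only firewall-cmd's --list-ports and --list-services queries. The function names and the demo_fw stand-in (constructed sample output) are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original page). Compares the running firewalld
# rules with the saved (--permanent) rules for one zone.

FW=${FW:-firewall-cmd}   # command to query; set FW=demo_fw to run offline

# Print one rule per line ("port 80/tcp", "service ssh") for runtime|permanent.
list_rules() {
    flag=""
    if [ "$1" = permanent ]; then flag="--permanent"; fi
    for p in $($FW $flag --zone="$2" --list-ports); do echo "port $p"; done
    for s in $($FW $flag --zone="$2" --list-services); do echo "service $s"; done
}

# Print every line of $2 that is missing from $3, prefixed with label $1.
only_in() {
    printf '%s\n' "$2" | while IFS= read -r r; do
        [ -n "$r" ] || continue
        printf '%s\n' "$3" | grep -qxF -- "$r" || echo "$1: $r"
    done
}

# drift ZONE: returns 0 when runtime and permanent rules match, 1 otherwise.
drift() {
    zone=${1:-public}
    rt=$(list_rules runtime "$zone")
    pm=$(list_rules permanent "$zone")
    out=$(only_in "needs-reload" "$pm" "$rt"; only_in "lost-on-reload" "$rt" "$pm")
    [ -z "$out" ] && return 0
    printf '%s\n' "$out"
    return 1
}

# Constructed stand-in for firewall-cmd: 80/tcp was added with --permanent but
# not reloaded; 8080/tcp was added without --permanent.
demo_fw() {
    case "$*" in
        *--permanent*--list-ports*) echo "80/tcp" ;;
        *--list-ports*)             echo "8080/tcp" ;;
        *--list-services*)          echo "ssh dhcpv6-client" ;;
    esac
}

# With an argument, check that zone on the live system: sh drift.sh public
if [ $# -gt 0 ]; then drift "$1"; fi
```

A "needs-reload" line means the rule was saved but step 5 has not been run yet; a "lost-on-reload" line means the rule is active now but will disappear at the next reload or reboot because it was added without --permanent.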