Permanently move the interface into the block zone, effectively blocking all communication: firewall-cmd --permanent --zone=block --change-interface=enp1s0 Permanently open the port for a service in the specified zone (like port 443 when in the `public` zone): firewall-cmd --permanent --...
Now that you have firewalld installed on your Linux system, it's time to move on to a basic setup. Firewallduses zones to define different security levels. Each network interface is associated with a specific zone, and each zone has its own security rules. Here are some common areas: p...
下一步是获取网络接口适用的 域(zone)。例如,我使用的桌面有两个网络接口:一个物理接口(enp0s3),代表我实际的网卡,和虚拟接口(virbr0),它由 KVM 等虚拟化软件使用。要查看哪些域处于活动状态,请运行 firewall-cmd ‐‐get-active-zones。 现在,你知道了你感兴趣的域,可以使用 firewall-cmd ‐‐info-zone=...