CentOS Stream 8 Firewall Setting Tutorial
CentOS Stream 8 Firewall Management Guide: Use firewalld to finely control network access
The CentOS Stream 8 system uses firewalld as a dynamic firewall management tool, which defines the security level of different network traffic based on the concept of "zones". This guide will gradually explain the basic configuration and management methods of firewalld.
1. Install firewalld
If firewalld is not installed, execute the following command:
sudo dnf install firewalld
2. Startup and status check
Start the firewalld service:
sudo systemctl start firewalld
Check service status:
sudo systemctl status firewalld
3. Regional settings and management
Set the default region (for example, set the eth0 interface to the public region):
sudo firewall-cmd --set-default-zone=public
View all available areas:
sudo firewall-cmd --get-zones
View the currently active area:
sudo firewall-cmd --get-active-zones
4. Port rule configuration
Permanently add ports (for example, HTTP port 80):
sudo firewall-cmd --permanent --add-port=80/tcp
Apply changes:
sudo firewall-cmd --reload
Delete the port (for example, HTTP port 80):
sudo firewall-cmd --permanent --remove-port=80/tcp
Apply changes:
sudo firewall-cmd --reload
5. IP address access control
Use the rich-rule command to allow access to a specific IP address (for example, to allow access to port 3306 by 192.168.1.100):
sudo firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="192.168.1.100" port port="3306" protocol="tcp" accept'
Apply changes:
sudo firewall-cmd --reload
6. Check the firewall rules
View all firewall rules:
sudo firewall-cmd --list-all
7. Firewall switch and power-on start
Turn off the firewall:
sudo systemctl stop firewalld
Enable the firewall to start automatically:
sudo systemctl enable firewalld
This guide provides basic configuration methods for CentOS Stream 8 firewall. Depending on actual needs, you can flexibly use these commands to set more refined firewall rules. Please note that after modifying the firewall rules, be sure to use the sudo firewall-cmd --reload command to make the changes take effect.
The above is the detailed content of CentOS Stream 8 Firewall Setting Tutorial. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
How to use the chrono library in C?
Apr 28, 2025 pm 10:18 PM
Using the chrono library in C can allow you to control time and time intervals more accurately. Let's explore the charm of this library. C's chrono library is part of the standard library, which provides a modern way to deal with time and time intervals. For programmers who have suffered from time.h and ctime, chrono is undoubtedly a boon. It not only improves the readability and maintainability of the code, but also provides higher accuracy and flexibility. Let's start with the basics. The chrono library mainly includes the following key components: std::chrono::system_clock: represents the system clock, used to obtain the current time. std::chron
How to use string streams in C?
Apr 28, 2025 pm 09:12 PM
The main steps and precautions for using string streams in C are as follows: 1. Create an output string stream and convert data, such as converting integers into strings. 2. Apply to serialization of complex data structures, such as converting vector into strings. 3. Pay attention to performance issues and avoid frequent use of string streams when processing large amounts of data. You can consider using the append method of std::string. 4. Pay attention to memory management and avoid frequent creation and destruction of string stream objects. You can reuse or use std::stringstream.
How to measure thread performance in C?
Apr 28, 2025 pm 10:21 PM
Measuring thread performance in C can use the timing tools, performance analysis tools, and custom timers in the standard library. 1. Use the library to measure execution time. 2. Use gprof for performance analysis. The steps include adding the -pg option during compilation, running the program to generate a gmon.out file, and generating a performance report. 3. Use Valgrind's Callgrind module to perform more detailed analysis. The steps include running the program to generate the callgrind.out file and viewing the results using kcachegrind. 4. Custom timers can flexibly measure the execution time of a specific code segment. These methods help to fully understand thread performance and optimize code.
How to optimize code
Apr 28, 2025 pm 10:27 PM
C code optimization can be achieved through the following strategies: 1. Manually manage memory for optimization use; 2. Write code that complies with compiler optimization rules; 3. Select appropriate algorithms and data structures; 4. Use inline functions to reduce call overhead; 5. Apply template metaprogramming to optimize at compile time; 6. Avoid unnecessary copying, use moving semantics and reference parameters; 7. Use const correctly to help compiler optimization; 8. Select appropriate data structures, such as std::vector.
How to understand DMA operations in C?
Apr 28, 2025 pm 10:09 PM
DMA in C refers to DirectMemoryAccess, a direct memory access technology, allowing hardware devices to directly transmit data to memory without CPU intervention. 1) DMA operation is highly dependent on hardware devices and drivers, and the implementation method varies from system to system. 2) Direct access to memory may bring security risks, and the correctness and security of the code must be ensured. 3) DMA can improve performance, but improper use may lead to degradation of system performance. Through practice and learning, we can master the skills of using DMA and maximize its effectiveness in scenarios such as high-speed data transmission and real-time signal processing.
What is real-time operating system programming in C?
Apr 28, 2025 pm 10:15 PM
C performs well in real-time operating system (RTOS) programming, providing efficient execution efficiency and precise time management. 1) C Meet the needs of RTOS through direct operation of hardware resources and efficient memory management. 2) Using object-oriented features, C can design a flexible task scheduling system. 3) C supports efficient interrupt processing, but dynamic memory allocation and exception processing must be avoided to ensure real-time. 4) Template programming and inline functions help in performance optimization. 5) In practical applications, C can be used to implement an efficient logging system.
What is static analysis in C?
Apr 28, 2025 pm 09:09 PM
The application of static analysis in C mainly includes discovering memory management problems, checking code logic errors, and improving code security. 1) Static analysis can identify problems such as memory leaks, double releases, and uninitialized pointers. 2) It can detect unused variables, dead code and logical contradictions. 3) Static analysis tools such as Coverity can detect buffer overflow, integer overflow and unsafe API calls to improve code security.
How to implement loosely coupled design in C?
Apr 28, 2025 pm 09:42 PM
To implement loose coupling design in C, you can use the following methods: 1. Use interfaces, such as defining the Logger interface and implementing FileLogger and ConsoleLogger; 2. Dependency injection, such as the DataAccess class receives Database pointers through the constructor; 3. Observer mode, such as the Subject class notifies ConcreteObserver and AnotherObserver. Through these technologies, dependencies between modules can be reduced and code maintainability and flexibility can be improved.
