iptables backup and restore, the 9 firewalld zones and zone operations
Week 7, Lesson 5 (December 1)
10.19 Backing up and restoring iptables rules
iptables-save > /tmp/iptab.txt # back up
iptables-restore < /tmp/iptab.txt # restore
10.20 The 9 firewalld zones
Switch from iptables to firewalld
systemctl disable iptables
systemctl stop iptables
systemctl enable firewalld
systemctl start firewalld
firewalld has 9 zones by default
The default zone is public
firewall-cmd --get-zones # list all zones
[[email protected] ~]# firewall-cmd --get-zones
work drop internal external trusted home dmz public block
[[email protected] ~]#
firewall-cmd --get-default-zone # show the default zone
[[email protected] ~]# firewall-cmd --get-default-zone
public
[[email protected] ~]#
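10.21 firewalld zone operations
firewall-cmd --set-default-zone=work # set the default zone
firewall-cmd --get-zone-of-interface=ens33 # look up the zone of the given interface
firewall-cmd --zone=public --add-interface=lo # assign a zone to the given interface
firewall-cmd --zone=dmz --change-interface=lo # change the zone of an interface
firewall-cmd --zone=dmz --remove-interface=lo # remove an interface from a zone
firewall-cmd --get-active-zones # show the zones that all of the system's interfaces belong to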
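Added example (not part of the original notes): a shell check that parses the output of firewall-cmd --get-active-zones and reports any interface bound to a zone outside an allow-list, for instance after --add-interface or --change-interface put it somewhere unintended. The function names, the sample output and the interfaces ens37/ens38 are constructed for illustration.

```shell
#!/bin/sh
# Added example: map interfaces to zones from `firewall-cmd --get-active-zones`
# output and flag any interface bound to a zone outside an allow-list.

# Constructed sample of `firewall-cmd --get-active-zones` output (not from the page).
SAMPLE_ACTIVE_ZONES='public
  interfaces: ens33
dmz
  interfaces: lo
trusted
  interfaces: ens37 ens38
  sources: 192.0.2.0/24'

# Print "interface zone" pairs, one per line, from active-zones text on stdin.
iface_zone_pairs() {
    awk '
        /^[^ \t]/ { zone = $1; next }      # unindented line starts a zone block
        $1 == "interfaces:" {              # indented line listing bound interfaces
            for (i = 2; i <= NF; i++) print $i, zone
        }
    '
}

# Print the zone of one interface; exit status 1 if it is bound to no zone.
zone_of_iface() {   # $1 = interface name; active-zones text on stdin
    iface_zone_pairs | awk -v want="$1" '
        $1 == want { print $2; found = 1 }
        END { exit !found }'
}

# Print interfaces whose zone is not allowed; exit status 1 if any are found.
audit_zones() {     # $1 = space-separated allowed zones; active-zones text on stdin
    iface_zone_pairs | awk -v allowed="$1" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        !($2 in ok) { print $1 " is in zone " $2; bad = 1 }
        END { exit bad }'
}

# On a live host: firewall-cmd --get-active-zones | audit_zones "public dmz work"
printf '%s\n' "$SAMPLE_ACTIVE_ZONES" | audit_zones "public dmz work" || true
```

The trusted zone accepts all connections, so an interface reported there is worth confirming against the intended layout.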
10.22 firewalld service operations