| abbreviations |
<fc>: firewall-cmd
[nr]: Have a look at link <nr>
|
--
|
| enable / disable |
systemctl start firewalld && systemctl enable firewalld
systemctl stop firewalld && systemctl disable firewalld
|
ufw enable && systemctl start ufw && systemctl enable ufw
systemctl stop ufw && systemctl disable ufw && ufw disable
|
| permanent change |
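<fc> --permanent <args...>
(written to the permanent configuration only; not active until <fc> --reload. Without --permanent a change is runtime-only and is lost on reload or restart.)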
|
default behaviour: ufw saves rules when they are added, so they persist across reboots
|
| runtime configuration to permanent |
<fc> --runtime-to-permanent
|
--
|
| reload firewalld configuration |
<fc> --reload
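<fc> --complete-reload
(also reloads the netfilter kernel modules; connection state is lost, so active connections will most likely be terminated. Prefer --reload unless a full reset is needed.)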
|
ufw reload
|
| specify firewall zone |
<fc> --zone=<zone> <args...>
|
--
|
| get/set default zone |
<fc> --get-default-zone
<fc> --set-default-zone=<zone>
|
--
|
| list rules |
<fc> --list-all
<fc> --list-all-zones
|
ufw status [verbose|numbered]
ufw show raw
|
| add/remove service |
<fc> --add-service=<service>
<fc> --remove-service=<service>
|
ufw allow <service>
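ufw deny <service>
(deny adds a blocking rule rather than removing one; to remove an existing allow rule use: ufw delete allow <service>)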
|
| add/remove port |
<fc> --add-port=<port>/<protocol>
<fc> --remove-port=<port>/<protocol>
|
ufw allow <port>[:<port>]/<protocol>
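ufw deny <port>[:<port>]/<protocol>
(deny adds a blocking rule rather than removing one; to remove an existing allow rule use: ufw delete allow <port>[:<port>]/<protocol>)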
|
| add/query/remove rich rule |
<fc> --add-rich-rule='<rule>'
<fc> --remove-rich-rule='<rule>'
<fc> --query-rich-rule='<rule>'
<rule>: [1]
|
ufw allow from <ip>
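ufw deny from <ip>
(deny adds a blocking rule rather than removing one; to remove an existing allow rule use: ufw delete allow from <ip>)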
|
| enable/disable/query panic mode |
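<fc> --panic-on
(drops all incoming and outgoing packets, including the remote session used to issue the command; make sure console access is available before enabling)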
<fc> --panic-off
<fc> --query-panic
|
--
|