How to Fix the "firewall-cmd: command not found" Error in RHEL/CentOS 7


firewall-cmd is the command-line front end for firewalld (the firewalld daemon), a dynamic firewall management tool with a D-Bus interface.

It supports both IPv4 and IPv6; it also supports network firewall zones, bridges and ipsets. It allows timed firewall rules in zones, logs denied packets, automatically loads kernel modules, and has many other features.

firewalld uses runtime and permanent configuration options, which you can manage using firewall-cmd. In this article, we will explain how to resolve the "firewall-cmd: command not found" error on RHEL/CentOS 7 Linux systems.

We encountered the above error while trying to configure firewall rules on a newly launched AWS (Amazon Web Services) EC2 (Elastic Compute Cloud) RHEL 7.4 Linux instance, as shown in the screenshot below.

To fix this error, you need to install firewalld on RHEL/CentOS 7 using the yum package manager, as follows.

$ sudo yum install firewalld

Next, start firewalld and enable it to start automatically at system boot, then check its status.

$ sudo systemctl start firewalld
$ sudo systemctl enable firewalld
$ sudo systemctl status firewalld

Now you can run firewall-cmd to open a port (5000 in this example) in the firewall like this. Because the --permanent option changes only the permanent configuration, always reload the firewall configuration for the changes to take effect.

$ sudo firewall-cmd --zone=public --add-port=5000/tcp --permanent
$ sudo firewall-cmd --reload

To block the above port, run the following commands.

$ sudo firewall-cmd --zone=public --remove-port=5000/tcp --permanent
$ sudo firewall-cmd --reload
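
The check below is an added example, not part of the original article: it compares a zone's runtime and permanent port lists to catch a port that was added with --permanent but not yet reloaded, or opened at runtime only. The function names ports_only_in and port_drift are hypothetical helpers; the live check at the end assumes the public zone unless another zone is given as the first argument.

```bash
#!/bin/sh
# Added example: detect drift between firewalld's runtime and permanent ports.

# ports_only_in A B: print the ports found in list A but not in list B.
# Lists are space-separated, as printed by firewall-cmd --list-ports.
ports_only_in() (
    out=""
    for p in $1; do
        case " $2 " in
            *" $p "*) ;;                      # present in both lists
            *) out="${out:+$out }$p" ;;       # only in A
        esac
    done
    printf '%s' "$out"
)

# port_drift RUNTIME PERMANENT: describe any drift; returns 1 if drift exists.
port_drift() (
    rt_only=$(ports_only_in "$1" "$2")
    perm_only=$(ports_only_in "$2" "$1")
    [ -n "$rt_only" ] && echo "runtime-only (lost at next reload/reboot): $rt_only"
    [ -n "$perm_only" ] && echo "permanent-only (not active until --reload): $perm_only"
    [ -z "$rt_only$perm_only" ]
)

# Live check: runs only where firewall-cmd is installed (needs root).
if command -v firewall-cmd >/dev/null 2>&1; then
    zone="${1:-public}"
    port_drift "$(firewall-cmd --zone="$zone" --list-ports)" \
               "$(firewall-cmd --permanent --zone="$zone" --list-ports)" \
        && echo "zone $zone: runtime and permanent ports match"
else
    echo "firewall-cmd not found; install firewalld first" >&2
fi
```

Run it right after the --add-port ... --permanent command and again after --reload: the first run reports 5000/tcp as permanent-only, the second reports a match.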

You may also like to read these useful firewalld guides:

  1. How to Start/Stop and Enable/Disable FirewallD and Iptables Firewall in Linux
  2. How to Configure FirewallD in CentOS/RHEL 7
  3. Useful 'FirewallD' Rules to Configure and Manage Firewall in Linux
  4. Firewall Essentials and Network Traffic Control Using FirewallD and Iptables
  5. How to Block SSH and FTP Access to Specific IP and Network Range in Linux

In this article, we explained how to resolve the "firewall-cmd: command not found" error on RHEL/CentOS 7.