← 返回命令列表

Linux command

firewalld 命令

安全

权限或系统影响较大,执行前请核对目标。

常用示例

Start firewalld

sudo systemctl start firewalld

Enable firewalld

sudo systemctl enable firewalld

Check firewalld status

sudo systemctl status firewalld

Run firewalld

sudo firewalld --debug

Run firewalld

sudo firewalld --nofork

Run firewalld

sudo firewalld --nopid

说明

firewalld is a dynamic firewall daemon providing a frontend for nftables (or iptables as a legacy backend). It manages firewall rules dynamically, allowing changes without disrupting existing connections or requiring a full restart. Firewalld uses the concept of zones to define trust levels for network connections (public, home, work, trusted, etc.). Each zone has predefined rules for allowed services and ports. Services define ports and protocols for common applications (ssh, http, https). Users interact with firewalld primarily through firewall-cmd, the command-line client. Changes can be made at runtime (temporary) or permanently (persist across reboots). The daemon handles rule translation and manages the underlying packet filtering.

参数

--debug
Set log level to debug and run in foreground.
--debug-gc
Enable garbage collector leak information.
--nofork
Do not fork into background (stay in foreground).
--nopid
Disable writing PID file.
--system-config _DIR_
Path to system configuration directory.
--default-config _DIR_
Path to default configuration directory.
-h, --help
Display help message.

FAQ

What is the firewalld command used for?

firewalld is a dynamic firewall daemon providing a frontend for nftables (or iptables as a legacy backend). It manages firewall rules dynamically, allowing changes without disrupting existing connections or requiring a full restart. Firewalld uses the concept of zones to define trust levels for network connections (public, home, work, trusted, etc.). Each zone has predefined rules for allowed services and ports. Services define ports and protocols for common applications (ssh, http, https). Users interact with firewalld primarily through firewall-cmd, the command-line client. Changes can be made at runtime (temporary) or permanently (persist across reboots). The daemon handles rule translation and manages the underlying packet filtering.

How do I run a basic firewalld example?

Run `sudo systemctl start firewalld` in a terminal, then adjust file names, paths, flags, or remote targets for your system.

What does --debug do in firewalld?

Set log level to debug and run in foreground.