centos - 在CentOS 7上打开防火墙端口(Open firewall port on CentOS 7)

Question

I am using CentOS 7 and I have to ensure that ports 2888 and 3888 are open.

(我正在使用CentOS 7，并且必须确保端口2888和3888已打开。)

I read this article but this did not work because on CentOS 7 OS there is no iptables save command.

(我读了这篇文章，但是没有用，因为在CentOS 7 OS上没有iptables save命令。)

Someone told me that the above URL is not valid for CentOS 7. and I should follow this .

(有人告诉我，上述URL对CentOS 7无效。我应该遵循这一点 。)

But this article is not clear to me on exactly what command I need to execute.

(但是这篇文章对我到底需要执行什么命令尚不清楚。)

I also found

(我也发现)

firewall-cmd --zone=public --add-port=2888/tcp 

but this does not survive reboots.

(但这无法在重新启动后继续存在。)

So how can I open the ports and make it survive reboots?

(那么，如何打开端口并使其在重启后不受影响？)

  ask by Knows Not Much translate from so

Answer 1

Use this command to find your active zone(s):

(使用此命令查找您的活动区域：)

firewall-cmd --get-active-zones

It will say either public, dmz, or something else.

(它会说是public，dmz或其他名称。)

You should only apply to the zones required.

(您只应申请所需的区域。)

In the case of public try:

(在公共尝试的情况下：)

firewall-cmd --zone=public --add-port=2888/tcp --permanent

Then remember to reload the firewall for changes to take effect.

(然后，请记住重新加载防火墙以使更改生效。)

firewall-cmd --reload

Otherwise, substitute public for your zone, for example, if your zone is dmz:

(否则，用public代替您的区域，例如，如果您的区域是dmz：)

firewall-cmd --zone=dmz --add-port=2888/tcp --permanent