centos7上的firewalld完全是个鸡肋。我们可以停用和卸载firewalld,然后启用iptables:
systemctl stop firewalld
systemctl disable firewalld
yum erase firewalld -y
systemctl enable iptables
systemctl start iptables
systemctl stop firewalld
systemctl disable firewalld
yum erase firewalld -y
systemctl enable iptables
systemctl start iptables