[firewalld]int g0/0/0
[firewalld-GigabitEthernet0/0/0]ip address 192.168.1.10 255.255.255.0
[firewalld-GigabitEthernet0/0/0]undo shutdown
//打开接口的http和https管理
[firewalld-GigabitEthernet0/0/0]service-manage http permit
[firewalld-GigabitEthernet0/0/0]service-manage https permit
[firewalld-GigabitEthernet0/0/0]quit
接口加入trust区域
[firewalld]firewall zone trust
[firewalld-zone-trust]add interface GigabitEthernet 0/0/0
[firewalld-zone-trust]quit
配置安全策略
[firewalld]security-policy
[firewalld-policy-security]rule name allow_web
[firewalld-policy-security-rule-allow_web]source-zone trust //指定条件
[firewalld-policy-security-rule-allow_web]destination-zone local //指定条件
[firewalld-policy-security-rule-allow_web]action permit ?//指定动作
[firewalld-policy-security-rule-allow_web]quit
[firewalld-policy-security]quit
//开启https功能
[firewalld]web-manager security enable
//配置aaa以及本地用户
[firewalld]aaa
[firewalld-aaa]manager-user demo
//以man-machine模式配置密码在屏幕上不会显示任何密码,更加安全
[firewalld-aaa-manager-user-demo]password
Enter Password:
Confirm Password:
[firewalld-aaa-manager-user-demo]service-type ?web //指定用户类型
[firewalld-aaa-manager-user-demo]level 3 //指定权限级别
[firewalld-aaa-manager-user-demo]quit
[firewalld-aaa]quit
华为防火墙 telnet
原文地址:http://blog.51cto.com/13468179/2324778