Firewalld is a powerful yet simple-to-use tool for managing a firewall on a RHEL 8 / CentOS 8 server or GNOME workstation. Firewalld lets you open or close ports using predefined services, as well as open and close custom ports.
In this tutorial you will learn:
- How to open and close ports on RHEL 8 / CentOS 8 with Firewalld.
- How to open and close services on RHEL 8 / CentOS 8.
- How to reload firewall configuration.
- How to list open ports or services.
Software Requirements and Conventions Used
Category | Requirements, Conventions or Software Version Used |
---|---|
System | RHEL 8 / CentOS 8 |
Software | firewall-cmd 0.6.3 or higher |
Other | Privileged access to your Linux system as root or via the sudo command. |
Conventions | # – requires given linux commands to be executed with root privileges either directly as a root user or by use of the sudo command; $ – requires given linux commands to be executed as a regular non-privileged user |
How to open ports on RHEL 8 / CentOS 8 Linux step by step instructions
Opening ports on a RHEL 8 / CentOS 8 system is a rather simple procedure. Here is how it goes, step by step:
- First, check for already opened ports or enabled services. The port you are trying to open may already be available, in which case there is nothing to do:
# firewall-cmd --list-all
- Check whether the service you want to allow through the firewall is available as a preconfigured feature. The command below lists all ready-to-use services:
# firewall-cmd --get-services
- List the available zones and decide which zone the port should be opened in:
# firewall-cmd --get-zones
In most cases you are interested in the public zone, which is the default firewall zone for all operations when no zone name is explicitly provided as an argument to the firewall-cmd command.
- Open the port or service.
If the service you wish to allow through the firewall is available as a preconfigured feature, as retrieved in Step 2, use its name to open the port. For example, let's open the HTTP service port for zone public:
# firewall-cmd --zone=public --permanent --add-service=http
In case the port you wish to open is not part of the preconfigured services, use the --add-port option. For example, let's open TCP port 8080 for zone public:
# firewall-cmd --zone=public --permanent --add-port 8080/tcp
- Reload the firewall settings. Rules added with --permanent are written to the permanent configuration only, so once you have opened the port or service, reload the firewall to apply them:
# firewall-cmd --reload
- Confirm that the port or service was opened successfully:
# firewall-cmd --list-all
How to close ports on RHEL 8 / CentOS 8 Linux step by step instructions
Closing ports on a RHEL 8 system is a rather simple procedure. Here is how it goes, step by step:
- First, check for already opened ports or services. Take note of the zone, the protocol, and the port or service you wish to close:
# firewall-cmd --list-all
- Close the port or service. The command below closes the http service in the public zone:
# firewall-cmd --zone=public --permanent --remove-service http
In case you wish to close a specific port, use the --remove-port option. The port must be given together with its protocol. For example, let's close the TCP 8080 port:
# firewall-cmd --zone=public --permanent --remove-port 8080/tcp
- Reload the firewall settings:
# firewall-cmd --reload
- Confirm that the port or service was closed successfully:
# firewall-cmd --list-all
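The confirmation steps in both procedures rely on reading the firewall-cmd --list-all output by eye. The script below is an added example, not part of the original tutorial: it parses that output and reports any service or port that is open but not in an expected list. The allowlist values, the function names and the sample output are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example: compare `firewall-cmd --list-all` output with an allowlist.
# ALLOWED_SERVICES and ALLOWED_PORTS are assumed policy values; adjust them.
ALLOWED_SERVICES="ssh http"
ALLOWED_PORTS="8080/tcp"

# Constructed sample of `firewall-cmd --zone=public --list-all` output.
SAMPLE_LIST_ALL='public (active)
  target: default
  interfaces: enp0s3
  services: cockpit dhcpv6-client http ssh
  ports: 8080/tcp 9090/tcp
  forward-ports:
  source-ports:
  rich rules:'

# get_field FIELD TEXT: print the values of one field of list-all output.
# The match is anchored at line start, so "ports" does not also pick up
# the "forward-ports" or "source-ports" lines.
get_field() {
    printf '%s\n' "$2" | sed -n "s/^[[:space:]]*$1:[[:space:]]*//p"
}

# unexpected FIELD ALLOWLIST TEXT: print the entries of FIELD that are
# missing from ALLOWLIST, separated by spaces.
unexpected() {
    out=""
    for item in $(get_field "$1" "$3"); do
        case " $2 " in
            *" $item "*) ;;                    # allowed, skip
            *) out="${out:+$out }$item" ;;     # not in policy, report
        esac
    done
    printf '%s' "$out"
}

# audit TEXT: report drift and return non-zero if anything unexpected is open.
audit() {
    svc=$(unexpected services "$ALLOWED_SERVICES" "$1")
    prt=$(unexpected ports "$ALLOWED_PORTS" "$1")
    [ -z "$svc" ] || echo "unexpected services: $svc"
    [ -z "$prt" ] || echo "unexpected ports: $prt"
    [ -z "$svc$prt" ]
}

# On a real host: audit "$(firewall-cmd --zone=public --list-all)"
audit "$SAMPLE_LIST_ALL" || echo "zone differs from policy"
```

Run against the constructed sample, it flags cockpit, dhcpv6-client and 9090/tcp, which are candidates for the --remove-service and --remove-port steps above.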