This article explains how to open FTP port 21 on RHEL 8 / CentOS 8 Linux system with the
firewalld firewall. The FTP protocol is primarily used by file transfer services such as, but not limited to, vsftpd FTP server. For more information visit our introduction guide to firewalld syntax and usage guide.
In this tutorial you will learn:
- How to open FTP port 21.
- How to open FTP port 21 permanently.
- How to list currently open ports/services.
- How to close/remove open FTP port 21.
Software Requirements and Conventions Used
|Category||Requirements, Conventions or Software Version Used|
|System||RHEL 8 / CentOS 8|
|Software||firewall-cmd 0.6.3 or higher|
|Other||Privileged access to your Linux system as root or via the
# – requires given linux commands to be executed with root privileges either directly as a root user or by use of
$ – requires given linux commands to be executed as a regular non-privileged user
RHEL 8 / CentOS 8 open FTP port 21 step by step instructions
- Check the status of your firewall.
# firewall-cmd --state running
Retrieve your currently active zones. Take a note of the zone within which you wish to open port 21:
# firewall-cmd --get-active-zones libvirt interfaces: virbr0 public interfaces: enp0s3
- Open port 21.
The port 21 port is listed with Firewalld as the
ftpservice. To temporarily open port 21 execute:
# firewall-cmd --zone=public --add-service=ftp
Note, the above
firewall-cmdcommand will open FTP 21 port only temporarily.
- Open FTP port 21 permanently. Execute the below command to open port 21 permanently hence, make the settings persistent after reboot:
# firewall-cmd --zone=public --permanent --add-service=ftp
- Check for open ports/services. The services with permanently open ports are listed on line starting with
# firewall-cmd --list-all public (active) target: default icmp-block-inversion: no interfaces: enp0s3 sources: services: cockpit dhcpv6-client ftp ssh ports: protocols: masquerade: no forward-ports: source-ports: icmp-blocks: rich rules:
- In case you need to close the previously opened FTP port 21 execute:
# firewall-cmd --zone=public --permanent --remove-service=ftp