firewall-cmd
The firewalld command-line client. More information: https://firewalld.org/documentation/man-pages/firewall-cmd.
-
View the available firewall zones:
firewall-cmd --get-active-zones
-
View the rules which are currently applied:
firewall-cmd --list-all
-
Permanently move the interface into the block zone, effectively blocking all communication:
firewall-cmd --permanent --zone={{block}} --change-interface={{enp1s0}}
-
Permanently open the port for a service in the specified zone (like port 443 when in the
public
zone):
firewall-cmd --permanent --zone={{public}} --add-service={{https}}
-
Permanently close the port for a service in the specified zone (like port 80 when in the
public
zone):
firewall-cmd --permanent --zone={{public}} --remove-service={{http}}
-
Permanently open two arbitrary ports in the specified zone:
firewall-cmd --permanent --zone={{public}} --add-port={{25565/tcp}} --add-port={{19132/udp}}
-
Reload firewalld to force rule changes to take effect:
firewall-cmd --reload
License and Disclaimer
The content on this page is copyright © 2014—present the tldr-pages team and contributors.This page is used with permission under Creative Commons Attribution 4.0 International License.
While we do attempt to make sure content is accurate, there isn't a warranty of any kind.