Enterprise-class Linux distributions such as CentOS or RHEL ship with a powerful built-in firewall, and their default firewall rules are very stringent. Therefore, if you install any custom services on the server (such as web servers, NFS, or Samba), their traffic is likely to be blocked by the firewall rules, and you need to open the necessary ports on the firewall to allow that traffic to pass.
On CentOS/RHEL 6 or earlier, the iptables service allows users to interact with the netfilter kernel module to configure firewall rules from user space. Starting with CentOS/RHEL 7, however, a new user-space interface called firewalld was introduced to replace the iptables service.
Use this command to view the current firewall rules:
The code is as follows:
$ sudo iptables -L
Now, let's see how to modify the firewall on CentOS/RHEL to open a port.
Open the port on CentOS/RHEL 7
Starting with CentOS/RHEL 7, firewall rule settings are managed by the firewalld service daemon by default. A command-line client called firewall-cmd communicates with this daemon to modify firewall rules permanently.
Use these commands to permanently open a new port (such as TCP/80).
The code is as follows:
$ sudo firewall-cmd --zone=public --add-port=80/tcp --permanent
$ sudo firewall-cmd --reload
If you do not use the "--permanent" flag, the firewall rules will not survive a reboot.
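To catch a rule that is active now but was added without "--permanent" (or one that was saved but never reloaded), compare firewalld's runtime and permanent port lists. The script below is an added example, not part of the original article; the function names in_list and port_drift and the sample port lists are constructed for illustration.

```shell
#!/bin/sh
# Added example: report drift between firewalld's runtime and permanent
# port lists. Function names and sample data are illustrative assumptions.

# in_list PORT LIST -> returns 0 if PORT is a word in the space-separated LIST
in_list() {
    for _p in $2; do
        [ "$_p" = "$1" ] && return 0
    done
    return 1
}

# port_drift RUNTIME PERMANENT
# Prints one line per mismatch:
#   runtime-only <port>    open now, gone after the next reload or reboot
#   permanent-only <port>  saved, but not active until firewall-cmd --reload
# Returns 0 when both lists agree, 1 otherwise.
port_drift() {
    _rc=0
    for _r in $1; do
        in_list "$_r" "$2" || { echo "runtime-only $_r"; _rc=1; }
    done
    for _q in $2; do
        in_list "$_q" "$1" || { echo "permanent-only $_q"; _rc=1; }
    done
    return $_rc
}

# Constructed sample data standing in for the two firewall-cmd outputs.
SAMPLE_RUNTIME="80/tcp 8080/tcp"
SAMPLE_PERMANENT="80/tcp 443/tcp"
port_drift "$SAMPLE_RUNTIME" "$SAMPLE_PERMANENT" || echo "drift detected"

# On a live CentOS/RHEL 7 host (run as root):
#   port_drift "$(firewall-cmd --zone=public --list-ports)" \
#              "$(firewall-cmd --zone=public --permanent --list-ports)"
```

A "runtime-only" line means the port was opened without "--permanent"; a "permanent-only" line means the rule was saved but "firewall-cmd --reload" has not been run yet.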
Open the port on CentOS/RHEL 6
On CentOS/RHEL 6 or earlier systems, the iptables service is responsible for maintaining firewall rules.
Use the first iptables command below to open a new TCP/UDP port through the firewall. To permanently save the modified rule, you need the second command.
The code is as follows:
$ sudo iptables -I INPUT -p tcp -m tcp --dport 80 -j ACCEPT
$ sudo service iptables save
Another approach is to use a firewall client named system-config-firewall-tui, which provides a text-based user interface (TUI).
The code is as follows:
$ sudo system-config-firewall-tui
Select the "Customize" button located in the middle, and press the ENTER key.
If you want to modify the firewall for any known service, such as a web server, simply tick the service and close the tool. If you want to open an arbitrary TCP/UDP port, select the "Forward" button to go to the next screen.
Select the "Add" button to add a new rule.
Specify a port (such as 80) or a range of ports (such as 3000-3030) and a protocol (such as TCP or UDP).
Finally, save the modified configuration and close the tool. In this way, the firewall change is saved permanently.