Guys, if your organization is behind a firewall, the networking team usually takes care that most unused ports are blocked, unless absolutely necessary. In some cases, you may want to add an exception to the firewall rules though, to open up a specific port to allow incoming and outgoing network traffic.
In today's example, we want to open up port 8080 to allow TCP connections. Note that these commands are specifically for the CentOS flavor of Linux. Other flavors of Linux may have different command syntax, so please check accordingly.
First, view the existing firewall rules using the following command:
firewall-cmd --list-all
Output (Old rules):
public (default, active)
interfaces: en0
sources:
services: dhcpv6-client ssh
ports: 9005/tcp
masquerade: no
forward-ports:
icmp-blocks:
rich rules:
As you can see from the existing rules, port 9005 is open. Now let us add port 8080 to the firewall rules using the command below. If the command succeeds, it displays "success". The --permanent option writes the rule to the saved configuration only, so make sure to reload the firewall configuration to bring the new rule into effect.
firewall-cmd --zone=public --add-port=8080/tcp --permanent
success
firewall-cmd --reload
success
To double-check the firewall rules, use the --list-all command again.
firewall-cmd --list-all
Output (Updated rules):
public (default, active)
interfaces: en0
sources:
services: dhcpv6-client ssh
ports: 8080/tcp 9005/tcp
masquerade: no
forward-ports:
icmp-blocks:
rich rules:
As you can see, port 8080 has been added to the list, i.e. it has been opened up.
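As an added example (not part of the original post), the script below parses the "ports:" line of firewall-cmd --list-all output to flag ports that were saved with --permanent but are not active yet, and ports that are open beyond an approved list. The sample listings, the approved list and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example. On a real host, feed list_open_ports from:
#   firewall-cmd --zone=public --list-all               (runtime rules)
#   firewall-cmd --permanent --zone=public --list-all   (saved rules)

# Constructed excerpt: runtime rules before --reload (8080 not active yet).
SAMPLE_RUNTIME='  interfaces: en0
  services: dhcpv6-client ssh
  ports: 9005/tcp
  forward-ports:'

# Constructed excerpt: saved rules after --add-port=8080/tcp --permanent.
SAMPLE_PERMANENT='  interfaces: en0
  services: dhcpv6-client ssh
  ports: 8080/tcp 9005/tcp
  forward-ports:'

# Ports this host is allowed to expose (assumption for the example).
APPROVED_PORTS='9005/tcp'

# Print the entries of the "ports:" line from --list-all output on stdin.
# The exact match on the first field skips the "forward-ports:" line.
list_open_ports() {
    awk '$1 == "ports:" { $1 = ""; sub(/^ +/, ""); print }'
}

# Print each entry of space-separated list $1 that is missing from list $2.
ports_not_in() {
    for p in $1; do
        case " $2 " in
            *" $p "*) ;;
            *) printf '%s\n' "$p" ;;
        esac
    done
}

runtime=$(printf '%s\n' "$SAMPLE_RUNTIME" | list_open_ports)
permanent=$(printf '%s\n' "$SAMPLE_PERMANENT" | list_open_ports)

echo "Saved but not active until --reload: $(ports_not_in "$permanent" "$runtime")"
echo "Saved but not on the approved list: $(ports_not_in "$permanent" "$APPROVED_PORTS")"
```

Running the second check on a schedule gives a simple way to notice firewall exceptions that were added without being recorded.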