FirewallD is a firewall management solution for most Linux distributions. With firewalld, you can allow or deny ports directly by service name. When a service name is used to allow or deny traffic, it uses the /etc/services file to find the corresponding port of the service. This tutorial helps you open ports for the HTTP (80) and HTTPS (443) services via the firewall-cmd command line.

Allow HTTP/s in Firewalld

You can allow and deny incoming traffic based on predefined services in firewalld. You can find the complete list of services in the /etc/services file.

Let’s allow the HTTP and HTTPS services via firewalld.

firewall-cmd --zone=public --add-service=http
firewall-cmd --zone=public --add-service=https

The above rules will be removed after a system reboot. Use the --permanent option to add the rules permanently in firewalld.

firewall-cmd --permanent --zone=public --add-service=http
firewall-cmd --permanent --zone=public --add-service=https

Next, run the following command to apply the changes:

firewall-cmd --reload

Check Allowed Services

You can find the list of added services with the following command:

firewall-cmd --permanent --zone=public --list-services

You should see results like:

cockpit dhcpv6-client http https ssh
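
The runtime and permanent service lists can diverge when --permanent or --reload is forgotten. The script below is an added example, not part of the original tutorial; it compares the two lists for a zone and reports services present in only one of them. The function names (only_in, drift_report, check_zone) and the sample lists are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original tutorial): detect drift between the
# runtime and permanent firewalld service lists of one zone.

# only_in A B: print the services listed in A that are missing from B.
only_in() {
    have=" $(echo $2) "                    # normalise whitespace, pad for matching
    out=""
    for svc in $1; do
        case "$have" in
            *" $svc "*) ;;                 # present in both lists
            *) out="${out:+$out }$svc" ;;  # present only in A
        esac
    done
    printf '%s' "$out"
}

# drift_report RUNTIME PERMANENT: describe the drift; exit status 1 if any.
drift_report() {
    lost=$(only_in "$1" "$2")       # runtime only: dropped on reboot or --reload
    pending=$(only_in "$2" "$1")    # permanent only: inactive until --reload
    if [ -n "$lost" ]; then echo "runtime-only: $lost"; fi
    if [ -n "$pending" ]; then echo "permanent-only: $pending"; fi
    [ -z "$lost$pending" ]
}

# check_zone ZONE: run the comparison against a live firewalld (needs root).
check_zone() {
    drift_report "$(firewall-cmd --zone="$1" --list-services)" \
                 "$(firewall-cmd --permanent --zone="$1" --list-services)"
}

# Constructed sample: state after --add-service=http/https without --permanent.
SAMPLE_RUNTIME="cockpit dhcpv6-client http https ssh"
SAMPLE_PERMANENT="cockpit dhcpv6-client ssh"
drift_report "$SAMPLE_RUNTIME" "$SAMPLE_PERMANENT" || echo "drift detected"
```

On a host running firewalld, call check_zone public as root; an exit status of 0 means the runtime and permanent lists match.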

Disable Services from Firewalld

If you want to remove/deny the above services from firewalld, use the --remove-service option:

firewall-cmd --permanent --zone=public --remove-service=http
firewall-cmd --permanent --zone=public --remove-service=https

Next, run the following command to apply the changes:

firewall-cmd --reload

Conclusion

In this tutorial, you have learned to allow/deny services in firewalld via the command line.

2 Comments

  1. Hello. I’m trying to install Joomla, but there are some problems with the /var/www/html folder permissions, and it asks for an FTP account during the installation process. Is it correct to leave root user permissions, or must it be the apache user for this folder? In any case, it does not work on Fedora 34 🙁
    Thanks
