Firewalld configuration on CentOS 7

By | October 13, 2018

firewalld is included by default in CentOS 7. Here I will guide you through configuring firewalld on your CentOS 7 server.

Start firewalld and enable it at boot by running

systemctl start firewalld
systemctl enable firewalld

If firewalld is not installed, install it by running

yum install firewalld -y

firewalld is now installed and running. Next we will configure firewall rules.

Make sure firewalld is running. Check its state by running

firewall-cmd --state

It should output “running”.

Check which zone is selected by running

firewall-cmd --get-default-zone

By default the public zone should be selected. We will add firewall rules to this zone.

If your server hosts a website, you need to open the http and https services. You can do that by running

firewall-cmd --zone=public --permanent --add-service=http
firewall-cmd --zone=public --permanent --add-service=https

These commands permanently open the http (80) and https (443) services through the firewall.

To open a port, you need to run the following command.

firewall-cmd --zone=public --permanent --add-port=PortNumber/tcp

Replace PortNumber with your desired port.

You can see which ports and services have been added to the firewall rules by running these two commands.

firewall-cmd --zone=public --list-ports
firewall-cmd --zone=public --list-services

You can also see all the services and ports at once by running

firewall-cmd --zone=public --list-all

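Rules added or removed with --permanent do not take effect in the running firewall until it is reloaded, so remember to reload the firewall every time you add or remove a rule. Reload the firewall by running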

firewall-cmd --reload

You can remove a firewall rule by running

firewall-cmd --zone=public --remove-service=http --permanent
firewall-cmd --zone=public --remove-port=PortNumber/tcp --permanent
firewall-cmd --reload
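
Because --permanent changes only become active after --reload, the running firewall and the saved configuration can disagree, for example a service removed with --permanent stays open until the reload. The script below is an added example, not part of the original post: it compares the two views of a zone and reports any difference. The function names rule_diff and audit_zone are made up for this example.

```shell
#!/bin/sh
# Added example: report drift between firewalld's runtime rules and its
# permanent (saved) rules. rule_diff and audit_zone are hypothetical names.

# rule_diff RUNTIME PERMANENT
# Each argument is a space-separated list as printed by
# "firewall-cmd --list-ports" or "--list-services".
# Prints one line for every entry that appears in only one of the lists.
rule_diff() {
    # Saved but not active yet: the rule is waiting for --reload.
    for item in $2; do
        case " $1 " in
            *" $item "*) ;;
            *) echo "pending-reload $item" ;;
        esac
    done
    # Active but not saved: either added without --permanent (lost on
    # reload) or removed with --permanent and still open until reload.
    for item in $1; do
        case " $2 " in
            *" $item "*) ;;
            *) echo "runtime-only $item" ;;
        esac
    done
}

# audit_zone ZONE
# Compares runtime and permanent ports and services for one zone.
audit_zone() {
    for kind in ports services; do
        rule_diff "$(firewall-cmd --zone="$1" --list-$kind)" \
                  "$(firewall-cmd --zone="$1" --permanent --list-$kind)" |
            sed "s/^/$kind: /"
    done
}

# Run the audit only where firewalld is installed and running.
if command -v firewall-cmd >/dev/null 2>&1 &&
   firewall-cmd --state >/dev/null 2>&1; then
    audit_zone public
fi
```

No output means the public zone's running rules match what is saved; run it as root after every change and before relying on a rule being open or closed.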
