Basic commands for Firewalld on Centos 7

Check Firewalld status:

sudo firewall-cmd --state
sudo systemctl status firewalld

Enable Firewalld:

sudo systemctl start firewalld
sudo systemctl enable firewalld

Check all available rules:

sudo firewall-cmd --list-all

Add services to Firewalld:

sudo firewall-cmd --add-service=http --permanent
sudo firewall-cmd --add-service=https --permanent

Add custom port to Firewalld:

sudo firewall-cmd --permanent --add-port=1337/tcp

Allow access to a port from a specific IP:

sudo firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="192.168.2.2" port protocol="tcp" port="3306" accept'

After all, make sure you run this command to apply new rules

sudo firewall-cmd --reload

Written on 12 December 2018

Share your thoughts