Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
basic firewalld rules
# basic firewalld rules and commands
# check if running
# systemctl status firewalld
# firewall-cmd --state
# list ports
# firewall-cmd --list-all
# firewall-cmd --list-all --zone=public
# firewall-cmd --list-all --zone=public --permanent
# list zones
# firewall-cmd --get-zones
# firewall-cmd --get-default-zone
# firewall-cmd --get-active-zones
# open ports 80 and 443
firewall-cmd --permanent --add-service http
firewall-cmd --permanent --add-service https
# rules for openvpn (uncomment as needed)
firewall-cmd --permanent --add-service openvpn
firewall-cmd --permanent --add-masquerade
# confirm it (should output 'OK'):
firewall-cmd --query-masquerade
# drop icmp (ping) packets (firewalld version, already included in basic rules above)
firewall-cmd --add-icmp-block=echo-request --permanent
firewall-cmd --add-icmp-block=echo-reply --permanent
# allow xmpp
firewall-cmd --zone=public --add-port=5222/tcp --permanent
firewall-cmd --zone=public --add-port=5269/tcp --permanent
# rules for mosh
firewall-cmd --zone=public --add-port=60000-60010/udp --permanent
# disable ports
# firewall-cmd --zone=public --remove-port=4000/tcp --permanent
# disable service
# firewall-cmd --zone=public --remove-service=ssh --permanent
firewall-cmd --reload
systemctl restart firewalld
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.