This guide introduces you to firewalld and provides basic configuration steps.
Checking the status of Firewalld
firewall-cmd –state
The output should say running or not running.
View the status of the FirewallD daemon
systemctl status firewalld
To reload a FirewallD configuration:
firewall-cmd –reload
Get configurations for all zones
firewall-cmd –list-all-zones
Enable a service
firewall-cmd –zone=public –add-service=http –permanent
firewall-cmd –zone=public –add-service=https –permanent
Disable the service
firewall-cmd –zone=public –remove-service=http –permanent
firewall-cmd –zone=public –remove-service=https –permanent
Opening a port
Port 80 is the default port for the http protocol for web browsing
Port 443 is the default port for the https protocol for web browsing
firewall-cmd –permanent –zone=public –add-port=80/tcp
firewall-cmd –permanent –zone=public –add-port=443/tcp
Closing a port
firewall-cmd –zone=public –remove-port=80/tcp –permanent
firewall-cmd –zone=public –remove-port=443/tcp –permanent
List open ports
firewall-cmd –zone=public –list-ports
View default available services
firewall-cmd –get-services
List sources for your zone
firewall-cmd –permanent –zone=public –list-sources
If there are none, you can start to add them, this is your “whitelist”
firewall-cmd –permanent –zone=public –add-source=192.168.100.0/24
To remove the IP address from the whitelist
firewall-cmd –permanent –remove-source=192.168.100.0
For more information: