Tuesday, January 20, 2015

RedHat Enterprise 7/CenOS 7 Firewall oneliners

Assuming you're using the default zone of "public" (you may need to temporarily disable selinux (setenforce 0)):

1. To allow everyone to access port 8080/tcp:

   firewall-cmd --zone=public --add-port=8080/tcp --permanent

2. Allow a server from the IPv4 address to access this server on port 1234 over UDP:

firewall-cmd --zone=public --add-rich-rule='rule family="ipv4" source address="" port port="1234" protocol="udp" accept' --permanent

No comments: