Tuesday, January 20, 2015

Red Hat Enterprise 7/CentOS 7 Firewall one-liners

Assuming you're using the default zone of "public" (you may need to temporarily set SELinux to permissive mode with setenforce 0):


1. To allow everyone to access port 8080/tcp:

   firewall-cmd --zone=public --add-port=8080/tcp --permanent


2. To allow the server at the IPv4 address 10.20.30.40 to access this server on port 1234 over UDP:

   firewall-cmd --zone=public --add-rich-rule='rule family="ipv4" source address="10.20.30.40/32" port port="1234" protocol="udp" accept' --permanent
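
Both commands use --permanent, which changes only the saved configuration, so the rule is not active until firewall-cmd --reload. The script below is an added example, not from the original post: it validates the source, port and protocol for item 2, then prints the add, reload and verify commands for review. The function names and the restriction to tcp/udp are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original post: validate inputs for the rich
# rule in item 2, then print the add / reload / verify commands (dry run).
ZONE="${ZONE:-public}"   # default zone assumed by the post

# True for a decimal integer of 1-5 digits with no leading zero.
is_uint() {
    case "$1" in ''|*[!0-9]*|0?*|??????*) return 1 ;; esac
}

# Print the rich rule for SRC (IPv4, optional /prefix), PORT and PROTO.
# Returns 1 on malformed input so a typo or stray quote never reaches firewalld.
build_rich_rule() {
    src=$1 port=$2 proto=$3
    addr=${src%%/*}
    prefix=32                                  # a bare address means one host
    case "$src" in */*) prefix=${src#*/} ;; esac
    is_uint "$prefix" && [ "$prefix" -le 32 ] || return 1
    case "$addr" in ''|*[!0-9.]*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs   # split into octets
    [ "$#" -eq 4 ] || return 1
    for o in "$@"; do
        is_uint "$o" && [ "$o" -le 255 ] || return 1
    done
    is_uint "$port" && [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || return 1
    case "$proto" in tcp|udp) ;; *) return 1 ;; esac   # example limits to tcp/udp
    printf 'rule family="ipv4" source address="%s/%s" port port="%s" protocol="%s" accept\n' \
        "$addr" "$prefix" "$port" "$proto"
}

# Print the commands that save the rule, load it, and confirm it is active.
rule_commands() {
    rule=$(build_rich_rule "$@") || { echo "invalid rule arguments: $*" >&2; return 1; }
    printf "firewall-cmd --zone=%s --add-rich-rule='%s' --permanent\n" "$ZONE" "$rule"
    printf 'firewall-cmd --reload\n'
    printf "firewall-cmd --zone=%s --query-rich-rule='%s'\n" "$ZONE" "$rule"
}

# Values from item 2 of the post; review the output before running it as root.
rule_commands 10.20.30.40 1234 udp
```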
