Skip to main content

Firewalld Basics

Opening Ports in firewalld

Learn how to open a specific port number or open ports for a specific service in firewalld.

You had some issues with networking and recently, you figured out that it was the firewall blocking the packets. The problem is almost solved.

All there's left is to open a port for the service that you want to use. But the question is how you do that.

Well, to open a port in firewalld, all you have to do is open a port for the service you want to access.

How you may ask. Simply enter the port number and the zone in which you want to open a port in the following command:

sudo firewall-cmd --zone=<zone_name> --permanent --add-port=<port>

Want to know how to find the current zone to mention in the above command or how you can specify the service name instead of the port number? Let me help.

Open a port in firewalld

I've already mentioned a command to open a port but the question to be asked is how you find the current zone over which you have to execute the command.

To find the active zone, execute the below command:

firewall-cmd --get-active-zones

In my case, the active zone is FedoraWorkstation.

Now, you have two options to open a port in firewalld. You either enter the name of the service or a port number.

Open port using the service name

To open a port through the name of the service, use the following:

sudo firewall-cmd --zone=<zone_name> --permanent --add-service=<service_name>

For example, if I want to open a port for the SSH service, then I'll use the following:

sudo firewall-cmd --zone=FedoraWorkstation --permanent --add-service=ssh

Now, reload the firewalld to apply changes:

firewall-cmd --reload

Open port using a port number

If you want to use the port number instead of the service name, then use the following:

sudo firewall-cmd --zone=<zone_name> --permanent --add-port=<port>

Here, I mentioned port number 22 to open the port for the SSH:

sudo firewall-cmd --zone=FedoraWorkstation --permanent --add-port=22/tcp

Finally, reload the firewalld to take effect from the changes you've made:

firewall-cmd --reload

To check if the port was opened or not, you can list the whitelisted services:

sudo firewall-cmd --list-services

Conclusion

This was a quick tutorial on how you can open a port in firewalld where I went through how you can either specify the service name or a port number to get the job done.

I hope you will find this guide helpful.

If you still have any queries, reach out to us through the comments.

Sagar Sharma