Skip to main content

RHEL: firewall-cmd

firewall-cmd - firewalld command line client

Open 123 UDP port (ntp service)

[tuyendq@rhel1 ~]$sudo firewall-cmd --zone=public --add-port=123/udp --permanent
[tuyendq@rhel1 ~]$sudo firewall-cmd --reload
[tuyendq@rhel1 ~]$sudo firewall-cmd --zone=public --list-all
RHEL: using firewall-cmd to open firewall port - 123/udp (ntp service)
RHEL: using firewall-cmd to open firewall port - 123/udp (ntp service)
Synchronize time with ntp service: time-b.practicehabits.net
Synchronize time with ntp service: time-b.practicehabits.net

Check firewalld status

sudo firewall-cmd --state

Check open ports in 'public' zone

sudo firewall-cmd --zone=public --list-ports

Add and remove ports to 'public' zone

sudo firewall-cmd --zone=public --add-port=3000-3001/tcp
sudo firewall-cmd --zone=public --remove-port=3000-3001/tcp

Open zabbix agent port 10050/tcp

# firewall-cmd --zone=public --add-port=10050/tcp

Open 21 TCP port (ftp service)

[tuyendq@rhel1 ~]$ sudo firewall-cmd --zone=public --add-port=21/tcp --permanent
success
[tuyendq@rhel1 ~]$ sudo firewall-cmd --reload
success
[tuyendq@rhel1 ~]$ sudo firewall-cmd --zone=public --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: ens192
  sources:
  services: ssh dhcpv6-client
  ports: 110/tcp 25/tcp 1352/tcp 80/tcp 443/tcp 993/tcp 995/tcp 465/tcp 143/tcp 80/udp 123/udp 8080/tcp 8443/tcp 3000/tcp 10050/tcp 21/tcp
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:

firewall-cmd cheatsheet

firewall-cmd --state : Check firewalld state
firewall-cmd --list-all
firewall-cmd --get-zones : List all zones
firewall-cmd --get-active-zone : Get active zone

firewall-cmd --zone=public --add-port=80/tcp

/var/log/firewalld : firewalld log file

Popular posts from this blog

Install Microsoft .NET Core SDK

.NET Core Software Development Kit (SDK) is a set of libraries and tools that allow developers to create .NET Core applications and libraries.

How to charge your device from USB Port

First of all, check BIOS Settings of your laptop or desktop Dell Look for USB PowerShare BIOS Settings: USB PowerShare Lenovo Look for Always On USB Charge in Off Mode BIOS Settings: Enable Always On USB Charge in Off Mode

Kali Linux on Raspberry Pi 2

Download Kali Linux for Raspberry Pi 2 Use xzcat to decompress and then dd to image Kali Linux to microSD on Windows 10. or use 7-zip to extract kali-linux-2019.1-rpi3-nexmon.img image file, then use rufus to write image to microSD card Login Kali Linux with default username root and password toor Tight VNC Server root@kali:~# apt install tightvncserver root@kali:~# vncserver :1 You will require a password to access your desktops. Password: Warning: password truncated to the length of 8. Verify: Would you like to enter a view-only password (y/n)? n xauth: file /root/.Xauthority does not exist New 'X' desktop is kali:1 Creating default startup script /root/.vnc/xstartup Starting applications specified in /root/.vnc/xstartup Log file is /root/.vnc/kali:1.log root@kali:~# Kill vncserver root@kali:~# vncserver -kill :1 Killing Xtightvnc process ID 16102 root@kali:~#