how to make firewall changes permanent via firewall-cmd?
Solution 1
--direct
commands cannot be made permanent. Use equivalent zone command:
sudo firewall-cmd --zone=public --add-port=7199/tcp --permanent
sudo firewall-cmd --reload
and to check the result:
sudo firewall-cmd --zone=public --list-all
Solution 2
You can also do something like this:
sudo firewall-cmd --zone=public --add-port=7198/tcp
sudo firewall-cmd --zone=public --add-port=7199/tcp
sudo firewall-cmd --runtime-to-permanent
... which will make the current firewall settings perman
Solution 3
there are a lot of ways.. but i am introducing today a method not mentioned here :
# firstly run it without --permanent
sudo firewall-cmd --zone=public --add-port=7199/tcp
# then run it again with adding --permanent
sudo firewall-cmd --zone=public --add-port=7199/tcp --permanent
it must work
Related videos on Youtube
Comments
-
fstab over 1 year
I am trying to open some ports in CentOS 7.
I am able to open a port with the following command:
firewall-cmd --direct --add-rule ipv4 filter IN_public_allow 0 -m tcp -p tcp --dport 7199 -j ACCEPT
By inspecting via
iptables -L -n
, I get the confirmation that the setting was successful:Chain IN_public_allow (1 references) target prot opt source destination ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:7199
Unfortunately, I cannot make the changes permanent. Even by using the
--permanent
option like this:firewall-cmd --direct --permanent --add-rule ipv4 filter IN_public_allow 0 -m tcp -p tcp --dport 7199 -j ACCEPT
Any idea on how to fix this? Why is the
--permanent
option not working correctly?