Gangmax Blog

CentOS Firewall: Open Port & Set IP Range

It seems by default CentOS doesn’t allow network be accessed from outside. Here are the instructions how to make it work on CentOS 7. From here and here.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
# 1. Add port.
sudo firewall-cmd --zone=public --add-port=8080/tcp --permanent
# 2. Remove port.
sudo firewall-cmd --zone=public --remove-port=8080/tcp --permanent
# 3. No matter adding or removing port, you need to reload like below to make it take effect.
sudo firewall-cmd --reload
# 4. Check the updated rules.
sudo firewall-cmd --list-all
# 5. Add IP range.
sudo firewall-cmd --permanent --zone=public --add-source=10.87.0.0/12
# 6. Remove IP range.
sudo firewall-cmd --permanent --zone=public --remove-source=10.87.0.0/12
# The IP range "10.87.0.0/12" means "10.80.0.1-10.95.255.254".
# More details about IP range calculation can be found from:
# http://jodies.de/ipcalc
# Note that you also need the "--reload" command to make the new IP range
# configuration work, and the "--list-all" to check the result.

Comments