Firewall-cmd is a command-line utility that manages firewall rules on Linux systems that use the firewalld daemon. It provides a simpler, more user-friendly interface for managing firewall rules than the traditional iptables command.
Firewall-cmd uses the D-Bus interface to communicate with the firewalld daemon. It allows users to add, remove, and modify firewall rules in real time. The command can be used to manage firewall zones, services, ports, and source/destination addresses.
- To list all the available zones in the system:
- To list all the active zones in the system:
- To add a new service to the default zone:
firewall-cmd --zone=public --add-service=http
- To remove a service from the default zone:
firewall-cmd --zone=public --remove-service=http
- To open a specific port in the default zone:
firewall-cmd --zone=public --add-port=8080/tcp
- Restricting access to specific services or ports
- Blocking traffic from specific IP addresses or ranges
- Allowing traffic only from specific IP addresses or ranges
- Creating custom firewall zones for specific network configurations
The following table lists the available options for the firewall-cmd command:
|Option|Description|
|---|---|
|`--add-port=<port>/<protocol>`|Adds a port to the firewall|
|`--add-service=<service>`|Adds a service to the firewall|
|`--remove-port=<port>/<protocol>`|Removes a port from the firewall|
|`--remove-service=<service>`|Removes a service from the firewall|
|`--zone=<zone>`|Specifies the firewall zone to modify|
|`--list-all`|Lists all the firewall rules for the specified zone|
|`--get-zones`|Lists all the available firewall zones|
|`--get-active-zones`|Lists all the active firewall zones|
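One way to check which services and ports a zone actually exposes, as an added example that is not part of the original page: the script parses the output of `firewall-cmd --zone=public --list-all` and reports anything outside an approved list. The sample output is constructed, and the function names and the `kind:value` allowlist format are assumptions made for this example.

```shell
#!/bin/sh
# Added example: audit what a firewalld zone exposes against an allowlist.
# On a live host, pipe in:  firewall-cmd --zone=public --list-all

# Constructed sample of `firewall-cmd --zone=public --list-all` output.
sample_list_all() {
cat <<'EOF'
public (active)
  target: default
  interfaces: eth0
  sources:
  services: dhcpv6-client http ssh
  ports: 8080/tcp 9000/udp
  rich rules:
EOF
}

# zone_items: read --list-all output on stdin and print one "kind:value"
# line for every service and port the zone allows. Matching on the exact
# first field keeps "source-ports:" and "forward-ports:" out of the result.
zone_items() {
    awk '
        $1 == "services:" { for (i = 2; i <= NF; i++) print "service:" $i }
        $1 == "ports:"    { for (i = 2; i <= NF; i++) print "port:" $i }
    '
}

# audit_zone ALLOWLIST: read --list-all output on stdin and print every item
# missing from the space-separated ALLOWLIST (assumed format for this example:
# "service:ssh port:8080/tcp"). Returns 1 if anything unexpected is found.
audit_zone() {
    allow=" $1 "
    status=0
    for item in $(zone_items); do
        case "$allow" in
            *" $item "*) ;;                 # explicitly approved
            *) echo "$item"; status=1 ;;    # exposed but not approved
        esac
    done
    return $status
}

# Demo: only ssh and 8080/tcp are approved for this host.
if ! findings=$(sample_list_all | audit_zone "service:ssh port:8080/tcp"); then
    echo "unexpected entries in zone:"
    echo "$findings"
fi
```

Each reported entry maps directly to a `--remove-service` or `--remove-port` call from the table above, run against the same zone.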
- If you’re having trouble accessing a specific service or port, make sure it’s added to the correct zone.
- If you’re unable to connect to a specific IP address or range, make sure it’s not blocked by the firewall.
- If you’re experiencing issues with the firewall-cmd command, try restarting the firewalld daemon.
- Firewall-cmd is a newer and more user-friendly alternative to the traditional iptables command.
- Firewall-cmd uses the firewalld daemon to manage firewall rules in real time.
- Firewall-cmd provides a comprehensive set of options to manage firewall zones, services, ports, and source/destination addresses.