How to open and close ports on CentOS 8

Introduction

The firewall on CentOS 8 Linux system is enabled by default allowing for only few services to receive incoming traffic. Firewalld is a powerful and yet simple to use tool to manage a firewall on CentOS 8 Server . Firewalld allows to manage open or close ports using predefined services as well as open and close user custom ports.

In this article, we will guide you through how to open and close ports on CentOS 8.

Prerequisite

  • an active KVM VPS
  • root user

How to open port on CentOS 8

1. First of all, check for already opened ports or enabled systemd service. It might be that the port you are trying to open is already available in which case there is nothing to do:

firewall-cmd --list-all

2. Check whether the service you are trying to configure your firewall with is available as a preconfigured feature. The below command will list all ready to use services:

firewall-cmd --get-services

3. To get a list of the available zones, type:

firewall-cmd --get-zones

We can see the specific configuration associated with a zone by including the --zone= parameter in our --list-all command:

4. Open port or service.

If the service you wish to configure your firewall with is available as a preconfigured feature as retrieved in step 2 use its name to open the port.

Ex: open HTTP service port for zone public:

firewall-cmd --zone=public --permanent --add-service=http

In case the port you wish to open is not a part of the preconfigured services use the --add-port option.

Ex: open TCP port 8080 for zone public:

firewall-cmd --zone=public --permanent --add-port 8080/tcp

5. Reload firewall settings. Once you have opened port or services make sure to reload the firewall:

firewall-cmd --reload

6. Confirm that port or service was opened successfully:

firewall-cmd --list-all

How to close ports on RHEL 8

1. First check for already opened ports or services. Take a note of the zone, protocol as well as port or service you wish to close:

firewall-cmd --list-all

2. Close port or service. The below command will close the http service in the public zone:

firewall-cmd --zone=public --permanent --remove-service http

In case you wish to close a specific port use the --remove-port option.

Ex: close the TCP 8080 port

firewall-cmd --zone=public --permanent --remove-port 8080/tcp

3. Reload the firewall settings:

firewall-cmd --reload

4. Confirm that port or service was closed successfully:

firewall-cmd --list-all

We can see that port 8080 closed in our --list-all

That’s all! Enjoy GreenCloudVPS services!

On this page