About
Name
Ports can be named:
- numerically with the internet protocol, e.g. for an HTTP server port:
  - 80/tcp
  - or 80 (as tcp is the default)
- or with the notion of service (e.g. the http service)
If the service is not known, you can add the port manually.
Example of service definition:
cat /usr/lib/firewalld/services/http.xml

<?xml version="1.0" encoding="utf-8"?>
<service>
  <short>WWW (HTTP)</short>
  <description>HTTP is the protocol used to serve Web pages. If you plan to make your Web server publicly available, enable this option. This option is not required for viewing pages locally or developing Web pages.</description>
  <port protocol="tcp" port="80"/>
</service>
How to
Add a port
With the shell (firewall-cmd)
firewall-cmd --zone=public --add-port=5000/tcp --permanent
firewall-cmd --reload
With Ansible - Ansible command line
- name: "Open the web console port"
  become: yes
  firewalld:
    port: 8443/tcp
    permanent: yes
    state: enabled
  notify: firewalld reload

- Handler to restart, i.e. firewall-cmd --reload

- name: "firewalld reload"
  systemd:
    state: restarted
    name: firewalld
List Port
firewall-cmd --zone=public --list-ports
Remove Port
firewall-cmd --zone=public --remove-port=22/tcp --permanent
then reload
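
A change made with --permanent is saved but not active until the reload, and a change made without it is active but not saved. The following added example (not part of the original page) compares a zone's runtime and permanent port lists and reports ports present in only one of them. The names FWCMD, list_ports, port_drift and demo_fw are assumptions of this example, and demo_fw returns constructed sample data in place of firewall-cmd.

```shell
#!/bin/sh
# Added example: compare firewalld's runtime and permanent port lists for a zone.
# FWCMD is an assumed override so the logic can run without a live firewalld.
FWCMD="${FWCMD:-firewall-cmd}"

# Constructed stand-in for firewall-cmd (sample data, not real output):
# runtime holds 22/tcp 5000/tcp, permanent holds 22/tcp 8443/tcp.
demo_fw() {
    case "$*" in
        --state) echo running ;;
        *--permanent*--list-ports) echo "22/tcp 8443/tcp" ;;
        *--list-ports) echo "22/tcp 5000/tcp" ;;
        *) return 1 ;;
    esac
}

# One port per line for zone $1; $2 is "" (runtime) or "--permanent".
list_ports() {
    $FWCMD $2 --zone="$1" --list-ports | tr -s ' ' '\n' | sed '/^$/d' | sort -u
}

# Print "runtime-only P" / "permanent-only P"; return 1 on drift, 2 on error.
port_drift() {
    zone="${1:-public}"
    if ! $FWCMD --state >/dev/null 2>&1; then
        echo "firewalld is not running" >&2
        return 2
    fi
    runtime=$(list_ports "$zone" "")
    permanent=$(list_ports "$zone" "--permanent")
    drift=0
    for p in $runtime; do      # active now, gone after --reload
        if ! printf '%s\n' "$permanent" | grep -qxF -- "$p"; then
            echo "runtime-only $p"; drift=1
        fi
    done
    for p in $permanent; do    # saved, but not active until --reload
        if ! printf '%s\n' "$runtime" | grep -qxF -- "$p"; then
            echo "permanent-only $p"; drift=1
        fi
    done
    return "$drift"
}

# Usage: port_drift public      (set FWCMD=demo_fw to try the constructed data)
```

A non-zero exit status makes the function usable as a check in a cron job or a configuration-management run.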