FirewallD is a tool used in many Linux systems to manage network traffic. It acts as an easy interface for iptables, which is a more complex underlying system that controls how data flows in and out of your computer. FirewallD offers both command line and graphical interfaces to make managing these rules simpler.
This guide will teach you how to open ports 80 (HTTP) and 443 (HTTPS) using FirewallD. By the end, you will know how to allow and remove these ports temporarily and permanently, and how to check which ports are open.
Open Port 80 & 443 in FirewallD
With FirewallD, you can allow or deny ports either temporarily or permanently. Temporary rules will disappear when you restart your system, but permanent rules will stay even after a reboot.
To allow incoming traffic on TCP ports 80 and 443 temporarily, use these commands:
sudo firewall-cmd --zone=public --add-port=80/tcp
sudo firewall-cmd --zone=public --add-port=443/tcp
To make these rules permanent, add the --permanent option to the commands:
sudo firewall-cmd --permanent --zone=public --add-port=80/tcp
sudo firewall-cmd --permanent --zone=public --add-port=443/tcp
After setting the permanent rules, you need to reload FirewallD to apply the changes:
sudo firewall-cmd --reload
View Updated Firewall Rules
Once you have added the rules, you can check them using the following command. This will list all the ports that are currently open:
sudo firewall-cmd --permanent --zone=public --list-ports
Remove Rules from FirewallD
If you decide that you no longer need these ports open, you can remove them with these commands:
sudo firewall-cmd --permanent --zone=public --remove-port=80/tcp
sudo firewall-cmd --permanent --zone=public --remove-port=443/tcp
Next, run the following command to apply the changes:
sudo firewall-cmd --reload
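Because temporary and permanent rules are stored separately, the running firewall and the saved configuration can disagree: --list-ports without --permanent shows the runtime rules, and with --permanent it shows the saved ones. The following added example (not part of the original guide) compares the two lists and flags ports that would vanish on the next reload or that are saved but not yet active. The function name port_drift and the sample port lists are constructed for illustration.

```bash
#!/bin/sh
# Added example: detect drift between FirewallD's runtime and permanent
# port lists. Inputs are the space-separated outputs of:
#   firewall-cmd --zone=public --list-ports              (runtime)
#   firewall-cmd --permanent --zone=public --list-ports  (permanent)

# port_drift RUNTIME PERMANENT
# Prints one line per mismatched port and returns 1 if any mismatch exists:
#   runtime-only PORT    -> open now, but lost on --reload or reboot
#   permanent-only PORT  -> saved, but not active until --reload
port_drift() {
    _rt="$1"; _pm="$2"; _drift=0
    for _p in $_rt; do
        case " $_pm " in
            *" $_p "*) ;;                          # present in both lists
            *) echo "runtime-only $_p"; _drift=1 ;;
        esac
    done
    for _p in $_pm; do
        case " $_rt " in
            *" $_p "*) ;;
            *) echo "permanent-only $_p"; _drift=1 ;;
        esac
    done
    return $_drift
}

# Constructed sample: 8080/tcp was added without --permanent, and 443/tcp
# was added with --permanent but the firewall was never reloaded.
sample_runtime="80/tcp 8080/tcp"
sample_permanent="80/tcp 443/tcp"
port_drift "$sample_runtime" "$sample_permanent" || echo "drift detected"

# On a live host, run as root:
#   port_drift "$(firewall-cmd --zone=public --list-ports)" \
#              "$(firewall-cmd --permanent --zone=public --list-ports)"
```

A runtime-only entry is a port exposed now that nobody saved, which is worth reviewing before the next reload silently closes it.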
Conclusion
This guide showed you how to open ports 80 and 443 using FirewallD on a Linux system. You learned how to set these rules temporarily and permanently, check which ports are open, and remove the rules if needed. By mastering these steps, you can better control the flow of data to and from your computer, enhancing both its security and functionality.
5 Comments
@Heather: Are you using --, or are you using a single hyphen-minus (-)? It appears as if you are using either a single hyphen-minus, or an en-dash (–). The system won’t recognize a single hyphen-minus or an en-dash.
Does not Work!
firewall-cmd –reload <— MS DOS command returns " Not recognized as Internal or External Command.
[root@clever-banzai ~]# firewall-cmd --zone=public --add-port=80/tcp
Warning: ALREADY_ENABLED: '80:tcp' already in 'public'
success
[root@clever-banzai ~]# firewall-cmd --zone=public --add-port=443/tcp
Warning: ALREADY_ENABLED: '443:tcp' already in 'public'
success
[root@clever-banzai ~]# firewall-cmd --permanent --zone=public --add-port=80/tcp
Warning: ALREADY_ENABLED: 80:tcp
success
[root@clever-banzai ~]# firewall-cmd --permanent --zone=public --add-port=443/tcp
Warning: ALREADY_ENABLED: 443:tcp
success
[root@clever-banzai ~]# firewall-cmd --reload
success
[root@clever-banzai ~]# firewall-cmd --permanent --zone=public --list-ports
80/tcp 443/tcp
[root@clever-banzai ~]#
don't work for me
https://ping.eu/port-chk/
80.211.37.89
Hi,
Make sure the web server is listening on both ports. Please share the output of the commands below:
netstat -tulpn | grep 80
netstat -tulpn | grep 443
Thanks for this awesome tutorial. Really appreciate it.