How to Open a Port in Firewalld

After you install Firewalld, the first thing you’ll likely want to do is open a port to connect with web applications on your Linux server. Only dhcp6-client and SSH are enabled by default. However, opening ports with Firewalld is an easy process. The first reason for this is the commands are straight-forward and easy to remember.

The second reason is that Firewalld allows you to manage well-known ports as predefined “services” for a more human-readable configuration. For example, instead of using 443/tcp, you can simply use the https service. Since services are easier to read than numbers and protocols, it’s best to check if a port is listed as a service before using the port option.

Below we cover how to open a port in Firewalld and check open ports.

Get speed, security, and three Linux OS choices today with our Cloud Server Hosting.

Open a Port in Firewalld

  1. Log into SSH
  2. Check if the application port is defined as a service (e.g. IMAPS, Kerberos, MySQL):
    firewall-cmd -get-services
  3. If the service is listed, whitelist the service permanently in the current zone:
    sudo firewall-cmd --permanent --add-service=SERVICE

    If not, open the port permanently by specifying the port number and protocol (TCP or UDP):
    sudo firewall-cmd --permanent --add-port=1234/tcp
  4. Reload Firewalld to apply changes:
    firewall-cmd --reload

    Reloading will remove –-runtime changes to apply the –permanent configuration.

Check Open Ports in Firewalld

After you whitelist ports and services, you should ensure your changes are accurate.

  1. List whitelisted services in Firewalld:
    sudo firewall-cmd --list-services
  2. List currently open ports in Firewalld:
    sudo firewall-cmd --list-ports

We recommend Certbot for creating and maintaining free Let’s Encrypt SSL certificates on non-cPanel cloud servers.

For more in-depth security configurations, check out our article covering Firewalld commands. To learn more about VPS security, check out these 10 ways to harden your Linux server.

Was this article helpful? Let us know!