Open port for a specific IP address with firewall-cmd

firewall-cmd --permanent --zone=public --add-rich-rule='    rule family="ipv4"    source address=""    port protocol="tcp" port="4567" accept'  

Check the zone file later to inspect the XML configuration

cat /etc/firewalld/zones/public.xml  

Reload the firewall

firewall-cmd --reload
firewall-cmd --zone=internal --add-service=ssh  firewall-cmd --zone=internal --add-source=  firewall-cmd --zone=internal --add-source=  firewall-cmd --zone=public --remove-service=ssh  

The result of this will be a "internal" zone which permits access to ssh, but only from the two given IP addresses. 

To make it persistent, re-run each command with --permanent appended.

Post a Comment

Featured Post

Updated Coupons / promo codes for Google Apps for Work / Business

To redeem: 1. Sign up for Google Apps   2. Go to your billing settings  3. Choose your payment plan  4. Enter your promo code ...