After you install Firewalld, the first thing you’ll likely want to do is open a port to connect with web applications on your Linux server. Only dhcp6-client and SSH are enabled by default. However, opening ports with Firewalld is an easy process. The first reason for this is the commands are straight-forward and easy to remember.
The second reason is that Firewalld allows you to manage well-known ports as predefined “services” for a more human-readable configuration. For example, instead of using 443/tcp, you can simply use the https service. Since services are easier to read than numbers and protocols, it’s best to check if a port is listed as a service before using the port option.
Below we cover how to open a port in Firewalld and check open ports.
Upgrade to VPS Hosting for Peak Performance
Upgrade to InMotion VPS Hosting today for top-notch performance, security, and flexibility, and save up to $2,493 – a faster, stronger hosting solution is just a click away!
Dedicated Resources NVMe SSD Storage High-Availability Ironclad Security Premium Support
VPS Hosting Plans
Open a Port in Firewalld
- Log into SSH
- Check if the application port is defined as a service (e.g. IMAPS, Kerberos, MySQL):
firewall-cmd -get-services
- If the service is listed, whitelist the service permanently in the current zone:
sudo firewall-cmd --permanent --add-service=SERVICE
If not, open the port permanently by specifying the port number and protocol (TCP or UDP):
sudo firewall-cmd --permanent --add-port=1234/tcp
- Reload Firewalld to apply changes:
firewall-cmd --reload
Reloading will remove –-runtime changes to apply the –permanent configuration.
Check Open Ports in Firewalld
After you whitelist ports and services, you should ensure your changes are accurate.
- List whitelisted services in Firewalld:
sudo firewall-cmd --list-services
- List currently open ports in Firewalld:
sudo firewall-cmd --list-ports
We recommend Certbot for creating and maintaining free Let’s Encrypt SSL certificates on non-cPanel cloud servers.
For more in-depth security configurations, check out our article covering Firewalld commands. To learn more about VPS security, check out these 24 ways to harden your Linux server.
FAQs
Open the Port:
Replace 80 with the port number you want to open, and tcp with the protocol you want to use (it can be tcp or udp). Reload the Firewall Rules: After adding the rule, reload the firewall for the changes to take effect.
How to open a port using firewalld? ›
Open the Port:
Replace 80 with the port number you want to open, and tcp with the protocol you want to use (it can be tcp or udp). Reload the Firewall Rules: After adding the rule, reload the firewall for the changes to take effect.
How do I open a port on my server firewall? ›
How to open a port on the firewall
- Click on Start then on Control Panel.
- Click on Windows Firewall and then click on Advanced Settings.
- Right click on Inbound Rules then on New Rule:
- Select Port and click on Next:
- Enter a specific local port (e.g. 8080) and click on Next:
- Click on Next:
- Name the rule and click on Finish:
Ubuntu
- $ sudo apt install ufw.
- $ sudo systemctl status ufw.
- $ sudo ufw enable.
- $ sudo ufw allow (port)/tcp.
- $ sudo ufw allow 53/tcp.
- $ sudo ufw allow https.
- $ sudo ufw allow 21.
- $ sudo ufw allow from 190.34.21.113 to any port.
Easy Ways to Identify Open Ports
Open a command prompt and type “ipconfig.” Use the IP address and port number to locate an open port. For Mac devices, open a Terminal window. Type “netsat -nr | grep default” into the program. Then, type “nc -vs” + your IP + port number to locate.
How do I check if a port is open in my firewall? ›
If you would like to test ports on your computer, use the Windows command prompt and the CMD command netstat -ano. Windows will show you all currently existing network connections via open ports or open, listening ports that are currently not establishing a connection.
What is the command for open ports? ›
Press the 'windows' key and type 'cmd'. Press “Command Prompt”. Step 3: On the command prompt, type the command “telnet + IP address or hostname + port number” and check the status of the provided TCP port. Step 4: If only the blinking cursor is visible, then the port is open.
How to open port in Linux firewall command line? ›
Use the firewall-cmd command to open a port.
To make the change permanent, add the --permanent flag to the command: firewall-cmd --zone=public --permanent --add-port=22/tcp . To open a UDP port, replace tcp with udp . To open the port by service name, use firewall-cmd --zone=public --permanent .
How do I access my local host port? ›
On the mobile device, open a web browser and enter the IP address of the computer running the web server, followed by the port number if necessary. For example, if the IP address is 192.168. 1.100 and the web server is listening on port 8000, you would enter “http://192.168.1.100:8000” in the browser's address bar.
How to open port 443 in Linux? ›
How to Open Port 443 in Linux?
- Run the following command to allow traffic on port 80: sudo iptables -I INPUT -p tcp -m tcp –dport 80 -j ACCEPT.
- Run the following command to allow traffic on port 443: sudo iptables -I INPUT -p tcp -m tcp –dport 443 -j ACCEPT.
- Run the following command to save the iptables rules:
Open Terminal on your Linux computer. Enter "telnet + IP address or hostname + port number" (e.g., telnet www.synology.com 1723 or telnet 10.17.xxx.xxx 5000) to run the telnet command and test the port status. If the port is open, a message will say Connected to 10.17.xxx.xxx.
How do I check my host and port connectivity? ›
Enter "telnet + IP address or hostname + port number" (e.g., telnet www.example.com 1723 or telnet 10.17.xxx.xxx 5000) to run the telnet command in Command Prompt and test the TCP port status. If the port is open, only a cursor will show. If the port is closed, a message will say Connect failed.
How to check if a port is blocked by a firewall? ›
To see if your firewall is blocking a website, app, or port on Windows, go to Windows Firewall > Advanced Settings and check your Outbound rules. On a Mac, click the Apple icon > System Settings > Network > Firewall > Options to check your firewall settings.
How do I open port 22 on my firewall? ›
- Step 1: Install OpenSSH Server on Windows. Enable OpenSSH Feature: Open the “Settings” app on your Windows machine. ...
- Step 2: Configure OpenSSH Server. Start SSH Service: ...
- Step 3: Allow SSH Through Windows Firewall. Allow SSH Service: ...
- Step 4: Accessing Windows SSH Server. Find Windows IP Address:
Enable a port range in advance
- Click Advanced settings in the left column of the Windows Firewall window.
- Click Inbound Rules in the left column.
- Click New Rules in the right column.
- Select Port and click next.
- Select TCP and enter 8000, 8001, 8002, 8003, 9000, 80, 443 in the Specific local ports field.
- Click Next.
To open FTP port 21 you need to change Windows Firewall settings.
- Click on Start > Settings > Control Panel > Click on Security center.
- At the bottom window (Manage security settings for:) ...
- Click on this option. ...
- Select Exceptions tab > Click on Add Port button.
- Add port 21 and 20 as follows.
Dedicated Resources 