Easily open firewall ports on Fedora via the CLI

If you are coming over from Ubuntu you might be familiar with their Uncomplicated Firewall. FirewallD is the dynamically managed firewall on Fedora. There is a graphical configuration utility on the full desktop, but if you are trying to get things going on a server here is a quick reference to get you going via the command line.

firewall-cmd --add-port=2222/tcp
firewall-cmd --permanent --add-port=2222/tcp

The first command will open TCP port 2222 immediately, while the second one will add the same rule that will survive a reboot. Currently only entering the --permanent command wont take effect at runtime, so you will need both if you do not want to restart anything while making the change.

To do the same for common services which can be listed with firewall-cmd --get-services we can quickly enable access to webservers and the like. Here we will enable access to HTTP and HTTPS.

firewall-cmd --add-service=http
firewall-cmd --permanent --add-service=http
firewall-cmd --add-service=https
firewall-cmd --permanent --add-service=https

Just like the previous example, we enter each twice with and without permanent to avoid restarting anything, and have the rules persist. If you'd like to inspect all the rules on the firewall now, enter firewall-cmd --list-all to get a full breakdown.

For more details check out Fedora's FirewallD documentation.


A *nix enthusiast and accidental programmer interested in sharing whatever tidbits I learn, more or less for my own reference.

The Evergreen State