CentOS 7 Open Firewall Ports Range on FirewallD
-
This syntax is strangely hard to find. So here it is. For CentOS 7 or RHEL 7 running FirewallD which is managed by way of the firewall-cmd command, this is the general syntax for a port range:
firewall-cmd --zone=public --add-port=10000-20000/udp --permanent
-
While I have never made a how to with a port range, the basic
firewalld
syntax is used all over the place on this forum by me and every system that I have ever seen that accepts a port range does so with the range hyphenated from lower boundary to upper boundary. -
@JaredBusch said:
While I have never made a how to with a port range, the basic
firewalld
syntax is used all over the place on this forum by me and every system that I have ever seen that accepts a port range does so with the range hyphenated from lower boundary to upper boundary.I would have thought that this was a colon, though, not a hyphen.
-
@scottalanmiller said:
@JaredBusch said:
While I have never made a how to with a port range, the basic
firewalld
syntax is used all over the place on this forum by me and every system that I have ever seen that accepts a port range does so with the range hyphenated from lower boundary to upper boundary.I would have thought that this was a colon, though, not a hyphen.
I have never seen it commonly used with a colon to represent a range
-
@JaredBusch said:
@scottalanmiller said:
@JaredBusch said:
While I have never made a how to with a port range, the basic
firewalld
syntax is used all over the place on this forum by me and every system that I have ever seen that accepts a port range does so with the range hyphenated from lower boundary to upper boundary.I would have thought that this was a colon, though, not a hyphen.
I have never seen it commonly used with a colon to represent a range
Native IPTables.
-
@scottalanmiller said:
@JaredBusch said:
@scottalanmiller said:
@JaredBusch said:
While I have never made a how to with a port range, the basic
firewalld
syntax is used all over the place on this forum by me and every system that I have ever seen that accepts a port range does so with the range hyphenated from lower boundary to upper boundary.I would have thought that this was a colon, though, not a hyphen.
I have never seen it commonly used with a colon to represent a range
Native IPTables.
I rarely work with native IPTables. That would explain a difference in point of view.
-
@JaredBusch said:
@scottalanmiller said:
@JaredBusch said:
@scottalanmiller said:
@JaredBusch said:
While I have never made a how to with a port range, the basic
firewalld
syntax is used all over the place on this forum by me and every system that I have ever seen that accepts a port range does so with the range hyphenated from lower boundary to upper boundary.I would have thought that this was a colon, though, not a hyphen.
I have never seen it commonly used with a colon to represent a range
Native IPTables.
I rarely work with native IPTables. That would explain a difference in point of view.
Yeah, and for me I pretty much have done raw edits on /etc/sysconfig/iptables and never used external tools. Now with FirewallD I'm relearning the syntax for everything on Linux firewalls.
-
@scottalanmiller said:
@JaredBusch said:
@scottalanmiller said:
@JaredBusch said:
@scottalanmiller said:
@JaredBusch said:
While I have never made a how to with a port range, the basic
firewalld
syntax is used all over the place on this forum by me and every system that I have ever seen that accepts a port range does so with the range hyphenated from lower boundary to upper boundary.I would have thought that this was a colon, though, not a hyphen.
I have never seen it commonly used with a colon to represent a range
Native IPTables.
I rarely work with native IPTables. That would explain a difference in point of view.
Yeah, and for me I pretty much have done raw edits on /etc/sysconfig/iptables and never used external tools. Now with FirewallD I'm relearning the syntax for everything on Linux firewalls.
Well, at least I'm not the only one then. Learning how to use firewall-cmd still feels a bit odd.