Block and Allow Port or IP using Firewalld in CentOS

Some IP addresses attack a server again and again, whether on the common SSH port, DNS ports, web ports, and so on. There are various ways to stop attacks from these IPs, one of which is Firewalld. Firewalld is the built-in firewall in CentOS 7. It protects the server on the network side, in particular the network traffic entering and leaving the server.
Here are some commands that can be used in Firewalld:

1. Block the Incoming IP so that it cannot access the server

firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='x.x.x.x' reject"


2. Block the internal port so that it cannot be accessed from the outside.

firewall-cmd --permanent --remove-port=port-number/<tcp | udp>


3. Allow IP to access the server

firewall-cmd --permanent --zone=public --add-source=x.x.x.x

4. Allow Port to be accessible from outside

firewall-cmd --permanent --add-port=portnumber/tcp --zone=public

After the command is run, don't forget to reload firewalld:

firewall-cmd --reload
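The following added example (not from the original article) generates the step 1 command for each address in a list and ends with the reload, skipping malformed entries, duplicates and one address that must never be blocked. The function names, the PROTECTED_IP argument and the sample addresses are assumptions made for this example.

```sh
#!/bin/sh
# Added example (not from the article): turn a list of addresses into the
# step 1 commands. Printing instead of executing lets you review them first.

# valid_ipv4 ADDR: succeed only for a plain dotted quad with octets 0-255.
valid_ipv4() {
    case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1                      # split on dots (input is digits/dots only)
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# build_block_rules PROTECTED_IP < list
# PROTECTED_IP (hypothetical parameter) is never blocked, e.g. your admin IP.
build_block_rules() {
    protected=$1; seen=' '; count=0
    while IFS= read -r line || [ -n "$line" ]; do
        ip=$(printf '%s' "${line%%#*}" | tr -d ' \t\r')   # drop comment/space
        [ -n "$ip" ] || continue
        if ! valid_ipv4 "$ip"; then
            echo "skip (not IPv4): $ip" >&2; continue
        fi
        if [ "$ip" = "$protected" ]; then
            echo "skip (protected): $ip" >&2; continue
        fi
        case $seen in *" $ip "*) continue ;; esac          # de-duplicate
        seen="$seen$ip "
        printf '%s\n' "firewall-cmd --permanent --add-rich-rule=\"rule family='ipv4' source address='$ip' reject\""
        count=$((count + 1))
    done
    # Permanent rules only take effect after a reload.
    if [ "$count" -gt 0 ]; then echo "firewall-cmd --reload"; fi
}

# Constructed sample list (RFC 5737 documentation addresses).
printf '%s\n' '203.0.113.7   # repeated SSH failures' '198.51.100.23' \
    '203.0.113.7' '999.1.1.1' '192.0.2.10' | build_block_rules 192.0.2.10
```

Review the printed commands before running them as root. Rejected entries are reported on stderr, so they do not mix with the generated commands.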
