Block and Allow Port/IP using Firewalld on Centos

Sometimes we find that there are IPs that always attack our server. Whether attacking on the most common SSH port, attacking DNS Ports, Web, and so on. To stop attacks from these IPs, there are various ways, one of which is using Firewalld. Firewalld is a built-in Firewall from Centos 7 which functions to protect our server on the Network side. Especially network traffic entering / leaving the server.

Here are some commands that can be used in Firewalld

1. Block the Incoming IP so that the IP cannot access the server

firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='x.x.x.x' reject"

2. Block the Internal Port so that it cannot be accessed from outside

firewall-cmd --remove-port=port-number/<tcp | udp>

3. Allow IP to be able to access the server

firewall-cmd --permanent --zone=public --add-source=x.x.x.x

4. Allow Port so that it can be accessed from outside

firewall-cmd --permanent --add-port=portnumber/tcp --zone=public 

After the command is run, don't forget to reload the firewalld

firewall-cmd --reload

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.