How to open port for a specific IP address with firewall-cmd on CentOS?

Michaël Perrin asked:

I would like to open port 4567 for the IP address 1.2.3.4 with the firewall-cmd command on a CentOS 7.1 server.

How can I achieve this, as the documentation I could find was too specific on this?

My answer:


Create a new zone to accommodate this configuration. FirewallD zones are defined by source addresses and by interfaces.

firewall-cmd --new-zone=special
firewall-cmd --zone=special --add-source=192.0.2.4/32
firewall-cmd --zone=special --add-port=4567/tcp

Add --permanent of course to make them permanent.


View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.