I’m on a red hat 7 machine, and I need to open all ports to a specific IP on the firewall.
I tried this command:
firewall-cmd --permanent --zone=public --add-rich-rule=' rule family="ipv4" source address="126.96.36.199/20" port protocol="tcp" port="*" accept'
But I’m getting an invalid port error for the *
Does anyone know and can tell me how to do this correctly?
Use a firewalld zone for this. Zones can be specified either by interface or by source IP address.
In fact, by default, a zone which accepts all traffic already exists, and it is named
trusted. By default, though, nothing is in this zone. So, you don’t even need to create a zone, just add the IP address to the
firewall-cmd --zone=trusted --add-source=188.8.131.52/20
In addition to CIDR ranges, you can specify single IP addresses or ipset names prefixed with
After this, all traffic from the specified addresses will be allowed on any port. Remember to make it permanent, either by repeating the command with
--permanent appended, or by running
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.