In firewalld, you can define which ports to allow through using the following methods:

Allow a Specific Port

To allow a specific port (e.g., TCP port 8080), run:

sudo firewall-cmd --zone=public --add-port=8080/tcp --permanent
  • --zone=public: Specifies the firewall zone (change as needed).
  • --add-port=8080/tcp: Opens TCP port 8080.
  • --permanent: Makes the rule persist after a reboot.
  • Omit --permanent if you want it to be temporary.


Then reload the firewall to apply changes:

sudo firewall-cmd --reload


Allow a Range of Ports

For a range of ports (e.g., 5000-5100), use:

sudo firewall-cmd --zone=public --add-port=5000-5100/tcp --permanent sudo firewall-cmd --reload


Allow a Service Instead of a Port

If the service you need is predefined in firewalld, you can allow it by name instead:

sudo firewall-cmd --zone=public --add-service=http --permanent sudo firewall-cmd --reload


To list available services:

 firewall-cmd --get-services


Check Open Ports

To verify which ports are open:

sudo firewall-cmd --list-ports


  • No labels

Copyright JMEHAN.COM