| CentOS This forum is for the discussion of CentOS Linux. Note: This forum does not have any official participation. |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
06-07-2019, 03:31 PM
|
#1
|
|
LQ Newbie
Registered: Jun 2019
Posts: 3
Rep: 
|
[Centos 7] Is firewalld started/enabled as default? after started why i cant access any ports?
I just installed centos 7, few days ago
my CentOS version : Linux release 7.6.1810 (Core)
this is my first time using centos 7, but i am very familiar with centos 6
Is firewalld started/enabled as default when centos rebooted?
after started using this command
service firewalld start
why i cant access any ports anymore, like 2087 (WHM), 21 (FTP) or any ports?
do i need to set them all, like below?
firewall-cmd --permanent --zone=public --add-port=2087/tcp
firewall-cmd --permanent --zone=public --add-port=21/tcp
i can access them again after run this command
service firewalld stop
thank you for your answer
Last edited by training; 06-07-2019 at 03:32 PM.
|
|
|
|
|
06-07-2019, 03:45 PM
|
#2
|
|
Moderator
Registered: Aug 2002
Posts: 26,644
|
Welcome to LinuxQuestions.
Similar to CentOS 6 the default firewall is enabled and only allows ssh traffic. While service still works you should become familiar with the systemctl command.
Yes, the posted commands will open the associated ports but you should reload the firewall.
firewall-cmd --reload
|
|
|
|
|
06-07-2019, 04:35 PM
|
#3
|
|
LQ Newbie
Registered: Jun 2019
Posts: 3
Original Poster
Rep:
|
Quote:
Originally Posted by michaelk
Welcome to LinuxQuestions.
Similar to CentOS 6 the default firewall is enabled and only allows ssh traffic. While service still works you should become familiar with the systemctl command.
Yes, the posted commands will open the associated ports but you should reload the firewall.
firewall-cmd --reload
|
whoa, so if starting/enabling firewalld i need to run all of these manually?
firewall-cmd --permanent --zone=public --add-port=2087/tcp
firewall-cmd --permanent --zone=public --add-port=21/tcp
firewall-cmd --reload
is there tutorial/complete list port i need to add?
Last edited by training; 06-07-2019 at 04:37 PM.
|
|
|
|
|
06-07-2019, 05:00 PM
|
#4
|
|
LQ Newbie
Registered: Jun 2019
Posts: 3
Original Poster
Rep:
|
if we are already using CSF in cpanel, do we still need firewalld? are they both handling the same thing?
this is answer from cpanel people https://forums.cpanel.net/threads/fi.../#post-2448543 , but i want answer from linux centos people too here
Last edited by training; 06-07-2019 at 05:43 PM.
|
|
|
|
|
06-07-2019, 05:12 PM
|
#5
|
|
Moderator
Registered: Aug 2002
Posts: 26,644
|
The --permanent option saves the new rules but does not change the run time environment. Reloading the rules is necessary to update the running firewall.
Not using the --permanent option changes run time but they are not saved.
Once the rules are saved they are automatically loaded when the firewall starts at boot time.
What ports you need to add depends on what services you run and what you want to make available to the outside world (LAN or WAN). There are many firewalld guides/tutorials.
https://www.linode.com/docs/security...lld-on-centos/ |
|
|
|
|
06-07-2019, 05:20 PM
|
#6
|
|
LQ Addict
Registered: Nov 2013
Location: Tokyo
Distribution: Mostly Ubuntu and Centos
Posts: 6,316
|
Quote:
Originally Posted by training
why i cant access any ports anymore, like 2087 (WHM), 21 (FTP) or any ports?
|
By default, both Centos 6 and 7 block all ports except 22. Centos 6 doesn’t have the firewalld and you need to use other tools to unblock ports.
Quote:
Originally Posted by training
is there tutorial/complete list port i need to add?
|
That depends on the applications you are running. If you run a webserver, open ports 80 and 443. In case of an iSCSI target, 3260, and so on.
Note that firewall-cmd also has an add-service option, which opens the required ports and might do other things for difficult services like ftp.
Last edited by berndbausch; 06-07-2019 at 05:22 PM.
|
|
|
|
All times are GMT -5. The time now is 04:55 AM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
