LinuxQuestions.org
Old 04-11-2018, 02:41 PM   #1
Sum1
Member
 
Registered: Jul 2007
Distribution: Fedora, CentOS, and would like to get back to Gentoo
Posts: 332

Rep: Reputation: 30
firewalld - cannot state a rule with port range


I want to block all incoming and outgoing traffic on the internet-facing NIC to deal with some malware on a local LAN.

The firewall/router is a CentOS7 box.
I cannot seem to express a rule correctly defining a port range:
Code:
[root@bbb]# firewall-cmd --zone=external --remove-port=50000-65536/tcp
Error: INVALID_PORT: 50000-65536
[root@bbb]# 
[root@bbb]# firewall-cmd --zone=external --add-rich-rule='rule family=ipv4 port port=50000-65536 protocol=tcp drop'
Error: INVALID_PORT: 50000-65536
Does anyone know the correct grammar/syntax to drop/remove/reject a range of ports using the firewall-cmd command?

Thanks for your help.
 
Old 04-11-2018, 03:04 PM   #2
Sum1
Member
 
Registered: Jul 2007
Distribution: Fedora, CentOS, and would like to get back to Gentoo
Posts: 332

Original Poster
Rep: Reputation: 30
Human Error, Ooops.
There are only 65535 TCP ports, NOT 65536.

Code:
[root@bbb]# firewall-cmd --zone=external --add-rich-rule='rule family=ipv4 port port=50000-65000 protocol=tcp drop'
success
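
The INVALID_PORT error in this thread comes from a range end above the 16-bit port limit. As an added example (not part of the original posts), the sketch below pre-checks a range and builds the rich rule string in the form used in post #2; the function names `valid_port_range` and `rich_drop_rule`, the 1..65535 bounds and the tcp/udp restriction are assumptions of this example, not firewalld's own parser.

```shell
#!/bin/sh
# Added example: pre-check a port range before handing it to firewall-cmd.
# Function names are hypothetical; the 1..65535 bounds are this example's choice.

MAX_PORT=65535   # TCP/UDP port numbers are 16-bit, so 65536 is out of range

# valid_port_range START-END : returns 0 if both ends are integers within
# 1..MAX_PORT and START <= END, non-zero otherwise.
valid_port_range() {
    case "$1" in
        *-*) ;;
        *) return 1 ;;          # no dash: not a range
    esac
    start=${1%%-*}
    end=${1#*-}
    for p in "$start" "$end"; do
        case "$p" in
            ''|*[!0-9]*) return 1 ;;   # empty or non-numeric (also catches a-b-c)
        esac
        [ "${#p}" -le 5 ] || return 1  # long digit strings cannot be valid ports
        [ "$p" -ge 1 ] && [ "$p" -le "$MAX_PORT" ] || return 1
    done
    [ "$start" -le "$end" ]
}

# rich_drop_rule START-END PROTO : prints the rich rule string in the same
# form as the thread's working command, or fails without output on bad input.
rich_drop_rule() {
    valid_port_range "$1" || { echo "invalid port range: $1" >&2; return 1; }
    case "$2" in
        tcp|udp) ;;
        *) echo "unsupported protocol: $2" >&2; return 1 ;;
    esac
    printf 'rule family=ipv4 port port=%s protocol=%s drop\n' "$1" "$2"
}

# Usage on the firewall host (not run here):
#   rule=$(rich_drop_rule 50000-65535 tcp) &&
#       firewall-cmd --zone=external --add-rich-rule="$rule"
```

A range ending at 65535 passes this check; the command that succeeded in post #2 stops at 65000.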
 
  

