How to open port for a specific IP address with firewall-cmd on CentOS?

Michaël Perrin asked:

I would like to open port 4567 for the IP address 1.2.3.4 with the firewall-cmd command on a CentOS 7.1 server.

How can I achieve this, as the documentation I could find was too specific on this?

My answer:


Create a new zone to accommodate this configuration. FirewallD zones are defined by source addresses and by interfaces.

firewall-cmd --new-zone=special --permanent
firewall-cmd --zone=special --add-source=192.0.2.4/32
firewall-cmd --zone=special --add-port=4567/tcp

Add --permanent of course to the latter two commands to make them permanent.


View the full question and any other answers on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.