firewall-cmd

The firewalld command-line client. More information: <https://firewalld.org/documentation/man-pages/firewall-cmd>.

Install

All systems
curl cmd.cat/firewall-cmd.sh
Debian Debian
apt-get install firewalld
Ubuntu
apt-get install firewalld
Arch Arch Linux
pacman -S firewalld
image/svg+xml Kali Linux
apt-get install firewalld
CentOS
yum install firewalld
Fedora
dnf install firewalld
Windows (WSL2)
sudo apt-get update sudo apt-get install firewalld
Raspbian
apt-get install firewalld

The firewalld command-line client. More information: <https://firewalld.org/documentation/man-pages/firewall-cmd>.

  • View the available firewall zones:
    firewall-cmd --get-active-zones
  • View the rules which are currently applied:
    firewall-cmd --list-all
  • Permanently move the interface into the block zone, effectively blocking all communication:
    firewall-cmd --permanent --zone=block --change-interface=enp1s0
  • Permanently open the port for a service in the specified zone (like port 443 when in the `public` zone):
    firewall-cmd --permanent --zone=public --add-service=https
  • Permanently close the port for a service in the specified zone (like port 80 when in the `public` zone):
    firewall-cmd --permanent --zone=public --remove-service=http
  • Permanently open two arbitrary ports in the specified zone:
    firewall-cmd --permanent --zone=public --add-port=25565/tcp --add-port=19132/udp
  • Reload firewalld to force rule changes to take effect:
    firewall-cmd --reload

© tl;dr; authors and contributors