CentOS7 – How to Remove Access to a Port Using Firewall

centos7, firewall, port

I had a port opened up for public use using firewall-cmd. I wanted to limit this port to a specific IP, which I found the answer for on this site.

I used the following to open it:

$ firewall-cmd --permanent --zone=public --add-port=10050/tcp
$ firewall-cmd --reload

Now, using the information I found, I wanted to restrict access to this port to a specific IP address. Do I need to first remove this port from public access?

Or can I just add the new rule as follows and that will take care of the problem for me?

$ firewall-cmd --permanent --new-zone=special
$ firewall-cmd --permanent --zone=special --add-rich-rule='
  rule family="ipv4"
  source address="123.1.1.1"
  port protocol="tcp" port="10050" accept'

I have tried the following:

$ firewall-cmd --zone=public --remove-port=10050/tcp
$ firewall-cmd --reload

But when I run the following:

$ firewall-cmd --list-ports 

10050/tcp is still displayed.

Please understand I'm not overly familiar with server-side configurations.

Solution: Do not forget the --runtime-to-permanent

$ firewall-cmd --zone=public --remove-port=10050/tcp
$ firewall-cmd --runtime-to-permanent
$ firewall-cmd --reload 

Best Answer

Solution: Do not forget the --runtime-to-permanent

$ firewall-cmd --zone=public --remove-port=10050/tcp
$ firewall-cmd --runtime-to-permanent 
$ firewall-cmd --reload
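
A check for the runtime/permanent mismatch behind this question, as an added example that is not part of the original post: it compares `firewall-cmd --list-ports` with and without `--permanent` and reports whether a port will come back or disappear on the next reload. The function names `port_state` and `check_zone_port` are hypothetical helpers introduced here.

```sh
#!/bin/sh
# Added example (not from the original post). firewalld keeps a runtime and a
# permanent configuration; --reload replaces the runtime one with the permanent one.

# port_state PORT RUNTIME_LIST PERMANENT_LIST
# Classifies PORT (e.g. 10050/tcp) given the two --list-ports outputs.
# Limitation: exact match only; port ranges and rich rules are not inspected.
port_state() {
    ps_port=$1
    ps_rt=" $(printf '%s' "$2" | tr '\n' ' ') "
    ps_pm=" $(printf '%s' "$3" | tr '\n' ' ') "
    ps_in_rt=no
    ps_in_pm=no
    case "$ps_rt" in *" $ps_port "*) ps_in_rt=yes ;; esac
    case "$ps_pm" in *" $ps_port "*) ps_in_pm=yes ;; esac
    case "$ps_in_rt/$ps_in_pm" in
        yes/yes) echo "open" ;;              # open now and after reload
        no/no)   echo "closed" ;;            # closed now and after reload
        no/yes)  echo "returns-on-reload" ;; # removed from runtime only
        yes/no)  echo "closes-on-reload" ;;  # added to runtime only
    esac
}

# check_zone_port ZONE PORT
# Queries the live firewall; needs firewalld running and root privileges.
check_zone_port() {
    port_state "$2" \
        "$(firewall-cmd --zone="$1" --list-ports)" \
        "$(firewall-cmd --permanent --zone="$1" --list-ports)"
}

# Run directly as: ./check.sh public 10050/tcp
if [ "$#" -eq 2 ]; then
    check_zone_port "$1" "$2"
fi
```

A result of `returns-on-reload` matches the situation in the question, where the port was removed from the runtime configuration and then restored by `--reload`.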