1. View firewalld Rules
sudo firewall-cmd --list-all
2. Add and Remove Port Access for All IPs
sudo firewall-cmd --permanent --zone=public --add-port=22/tcp
sudo firewall-cmd --permanent --zone=public --remove-port=22/tcp
3. Add Rules for Allowing IP Whitelisting in firewalld
After the firewalld service is started, all services are denied by default, so the relevant IP whitelisting must be added before they can be reached.
- Add Rich Rule for Single IP Whitelisting
sudo firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="192.168.1.100" port port="22" protocol="tcp" accept'
- Add Rich Rule for Subnet Whitelisting
sudo firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="192.168.1.0/24" port port="22" protocol="tcp" accept'
- Remove Whitelist from Rich Rule
sudo firewall-cmd --permanent --remove-rich-rule='rule family="ipv4" source address="192.168.1.100" port port="22" protocol="tcp" accept'
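- Reload firewalld to Apply the --permanent Changes
Rules added or removed with --permanent are only written to the saved configuration; they take effect in the running firewall after a reload.
sudo firewall-cmd --reload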
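Added example (not part of the original page): a whitelist rich rule from section 3 only restricts access if the same port is not also open to every source, as it would be after the --add-port command in section 2. The script below checks `--list-all` output for that overlap; the function name audit_port, the service-name argument and both sample outputs are assumptions constructed for illustration.

```shell
#!/usr/bin/env bash
# Constructed sample of `firewall-cmd --zone=public --list-all` output:
# the ssh service is open to every source, so the rich rule restricts nothing.
SAMPLE_OPEN='public (active)
  target: default
  interfaces: eth0
  services: dhcpv6-client ssh
  ports:
  rich rules:
    rule family="ipv4" source address="192.168.1.100" port port="22" protocol="tcp" accept'

# Constructed sample: port 22 is reachable only through the whitelist rules.
SAMPLE_RESTRICTED='public (active)
  target: default
  interfaces: eth0
  services: dhcpv6-client
  ports: 8022/tcp
  rich rules:
    rule family="ipv4" source address="192.168.1.100" port port="22" protocol="tcp" accept
    rule family="ipv4" source address="192.168.1.0/24" port port="22" protocol="tcp" accept'

# audit_port PORT PROTO [SERVICE]: reads --list-all output on stdin and prints
#   open-to-all    - a ports:/services: entry or a source-less rich rule accepts it
#   whitelist-only - only rich rules with a source address accept it
#   closed         - nothing in the zone accepts it
# SERVICE is the firewalld service name covering the port (supplied by the caller).
# Limitation: port ranges such as 20-25/tcp are not expanded.
audit_port() {
  awk -v port="$1" -v proto="$2" -v svc="${3:-}" '
    $1 == "ports:"    { for (i = 2; i <= NF; i++) if ($i == (port "/" proto)) any = 1 }
    $1 == "services:" { for (i = 2; i <= NF; i++) if (svc != "" && $i == svc) any = 1 }
    $1 == "rule" && / accept/ &&
      index($0, "port port=\"" port "\"") && index($0, "protocol=\"" proto "\"") {
        if ($0 ~ /source address="[^"]+"/) wl = 1; else any = 1
    }
    END { print (any ? "open-to-all" : (wl ? "whitelist-only" : "closed")) }
  '
}

printf '%s\n' "$SAMPLE_OPEN"       | audit_port 22 tcp ssh   # open-to-all
printf '%s\n' "$SAMPLE_RESTRICTED" | audit_port 22 tcp ssh   # whitelist-only
```

On a live host, feed it the real zone state after the reload: sudo firewall-cmd --zone=public --list-all | audit_port 22 tcp ssh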