How to Open or close ports in AlmaLinux 8 or Rocky Firewall – Linux Shout

Many times after installing some application or accessing an inbuilt service outside the system using some other devices, we need to open a network port. It is a communication endpoint defined by a software layer to identify & access some particular process or a type of network service. For example, SSH (Secure Shell Protocol) service, the default port for it is 22, which we can be used to access any particular computer to control remotely. In the same way, CPanel, NextCloud, Apache, and other various tools and software come with their own port number. However, if you have a firewall installed, then most of the ports would be blocked by default, and to communicate with them, first, we have to open the same.
Let’s say you want to open a port 80 or 443 in AlmaLinux 8, then how to do that? To help you with this here is the tutorial.
The one thing we have to ensure that firewalld is on our AlmaLinux and running properly before opening and closing any port on the system.
Check Status:
If it not running then use the below commands:
Well, those who don’t have firewalld installed and want it to, they can run:
Before opening any particular port let’s confirm that it is not already active in firewalld and has not been allowed to access through public connections, for that run-
So, in the below screenshot we can clearly see the port 443 or 3602 is not allowed to communicate externally.
List all openeed ports services in AlamaLinux
FirewallD also comes with some pre-configured services, for them and their ports the firewall allows public communication by default. And SSH, Plex, Cockpit, etc are a few of them. You can check the list of all such services by using the command-
Output: These are the services that are available firewalld as pre-configured and can be opened just using their name with the command syntax given in later steps of this tutorial.
List of Zones
Although to access any service we have just allow the service in the public zone, however just for information you can check other available zones as well, in case you want to use any of them.
Now, the default zone to access the service from the outside network is public, and with the help of the below command syntax, you can open any port or service on your AlmaLinux or Rocky server.
For opening any service which is predefined in firewalld such as HTTP or OpenVPN, you need to replace the service-name in the below command syntax-
sudo firewall-cmd --zone=public --permanent --add-service=service-name
Let’s say you want to open http or openvpn, then the same above syntax can be used as
In the same way, those services’ ports are not pre-defined then users can open them manually using this command. Replace type-port-number in the below syntax with the port you want to open. You can also change TCP to UDP as per the requirements.
sudo firewall-cmd --zone=public --permanent --add-port type-port-number/tcp
Example– Lets’ say you want to open 3602
Although it is not necessary to reload the firewall, however, to ensure it has successfully flushed the previous settings and recognize the newly added service or port for the public zone, let reload its service.
You can check whether the port or service successfully active or not by listing them.
Step 1: To block any already opened service or port, we can use the same command that we have used above to open them. However, if you are unsure that what are the active ones you can use again the command to list them all-
Step 2: Now let’s say you want to close port number 443  or block the service ssh in the firewall. The syntax will be the same we have used to open them, however instead of using option add we use the remove this time.
Syntax to remove some service-
firewall-cmd --zone=public --permanent --remove-service service-name
For example– If we want to blocks service ssh
Syntax to block some port number:
firewall-cmd --zone=public --permanent --remove-port type-number
Example– Let’s block port 443
Reload firewall:
In this way, we to cannot only check the open ports and services but can also allow and block them to communicate from the outside our Almalinux Linux including Rocky, CetnOS, or RHEL 8.
Other Articles:
AlmaLinux, Rocky Linux

AlmaLinux, CentOS


AlmaLinux, Rocky Linux

This site uses Akismet to reduce spam. Learn how your comment data is processed.
Linux Shout crafted as a part of our main portal H2S Media to publish Linux related tutorials and open source Software.


We will be happy to hear your thoughts

Leave a reply

Compare items
  • Total (0)