How to Open and Close Ports on CentOS 9

On CentOS 9, opening and closing ports is an important part of managing network access. Opening only the required ports limits access to the services you intend to expose, while closing unwanted and unnecessary ports helps prevent cyber attacks and enhances system security.

This guide walks through different methods of opening and closing ports on a CentOS 9 system.

How to Open and Close Ports on CentOS 9?

With the following methods, you can open and/or close ports on your CentOS 9 system:

  • Method 1: Open and Close Ports on CentOS 9 using “Firewalld”
  • Method 2: Open and Close Ports on CentOS 9 via “iptables”

Method 1: Open and Close Ports on CentOS 9 using “Firewalld”

This method demonstrates how to open and close ports with the “Firewalld” tool.

Step 1: Update CentOS System Packages

Run the update command using DNF package manager to refresh your CentOS 9 system packages:

sudo dnf update

The “Nothing to do” message shows that all your system packages have been refreshed and updated.

Step 2: Install Firewall Managing Tool

Firewalld is a firewall management tool that simplifies the management of firewall rules on Linux-based systems, including CentOS 9. To install Firewalld, execute the following command:

sudo dnf install firewalld

If Firewalld is installed, the above command will return the release number of the package, such as “firewalld-1.3.4”.

Step 3: Initiate Firewall

Right after installing Firewalld, start it using the command below:

sudo systemctl start firewalld

The output indicates that the Firewalld tool is activated on your CentOS 9 machine.

Step 4: Enable Firewall to Start on Boot

If you want Firewalld to start on boot, enable the service with the command:

sudo systemctl enable firewalld

Encountering no error indicates that you have enabled the Firewalld successfully.

Step 5: Check the Status of “Firewalld”

Using the provided command will verify the current status (i.e. Stopped/Active) of Firewalld on your CentOS 9 system:

sudo systemctl status firewalld

You can also utilize the following command to check the running state of Firewalld:

sudo firewall-cmd --state

If you see “running” on your terminal screen, Firewalld has been successfully configured on your CentOS 9 system.

How to Open Ports via Firewalld?

The following steps can be used to open the port(s) on your CentOS 9 system.

Step 1: List Existing Open Ports

First, check the existing ports that are open on your system:

sudo firewall-cmd --list-ports

If there are no open ports on your CentOS 9 system, the command returns an empty output.

Step 2: Open a Port

Let’s open a port using the Firewalld tool. You can copy the following command to your terminal to open a port, such as TCP port 8880:

sudo firewall-cmd --zone=public --add-port=8880/tcp --permanent

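You will see the message “success” as output, indicating that the rule for TCP port 8880 has been added to the permanent configuration. It takes effect once the firewall is reloaded in the next step.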

Step 3: Reload Firewall

To apply the changes after adding or opening the port, reload the firewall using the following command:

sudo firewall-cmd --reload

As illustrated, the above step has reloaded the firewall configuration.

Step 4: Confirm Open Port(s)

Run the command below to list the open ports and confirm that the port (e.g., TCP port 8880) has been successfully opened:

sudo firewall-cmd --list-ports

You can see that TCP port 8880 is now open.

How to Close Ports using Firewalld?

You can close the ports that are open on your CentOS 9 through the following steps.

Step 1: Close the Existing Port

To close the existing port, copy the provided command to your CentOS terminal and execute it:

sudo firewall-cmd --zone=public --remove-port=8880/tcp --permanent

When you see the “success” message on your terminal, proceed to the next step.

Step 2: Reload Firewall

Run the command below to reload the firewall configuration from the terminal:

sudo firewall-cmd --reload

Once you have reloaded the firewall, you will see a “success” message, indicating that the changes have been applied successfully.

Step 3: Verify the Port(s) after Closing

To confirm that the port has been successfully closed, run the command to list the ports:

sudo firewall-cmd --list-ports

A blank output indicates that the previously open port (e.g. 8880/TCP) has been closed on your CentOS 9 system.
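The open and close procedures above both save the change with `--permanent` and only enforce it after `--reload`, so between those two steps the running firewall and the saved configuration disagree. The following is an added example (not part of the original tutorial) that compares the two port lists and reports the difference; the function names and the extra port 443/tcp are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. port_drift RUNTIME PERMANENT compares two port lists:
#   RUNTIME   = output of: firewall-cmd --zone=public --list-ports
#   PERMANENT = output of: firewall-cmd --zone=public --permanent --list-ports
# and prints one line per port that appears in only one of them.
port_drift() (
    runtime=" $1 "
    permanent=" $2 "
    for p in $2; do          # saved on disk, not enforced yet
        case "$runtime" in *" $p "*) ;; *) echo "pending-reload $p" ;; esac
    done
    for p in $1; do          # enforced now, but absent from the saved config
        case "$permanent" in *" $p "*) ;; *) echo "runtime-only $p" ;; esac
    done
)

# Live check for one zone (hypothetical helper name; not called by this script).
zone_drift() {
    port_drift "$(sudo firewall-cmd --zone="$1" --list-ports)" \
               "$(sudo firewall-cmd --zone="$1" --permanent --list-ports)"
}

# Constructed states matching the steps above (443/tcp is an assumed extra port).
echo "after --add-port --permanent, before --reload:"
port_drift "443/tcp" "443/tcp 8880/tcp"
echo "after --remove-port --permanent, before --reload:"
port_drift "443/tcp 8880/tcp" "443/tcp"
echo "after --reload:"
port_drift "443/tcp" "443/tcp"
```

A `runtime-only` line after a removal means the port is still reachable until the reload is done; on a live host, `zone_drift public` runs the same comparison against the real firewall.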

Method 2: Open and Close Ports on CentOS 9 via “iptables”

In this method, we will demonstrate how to open and close ports on CentOS using “iptables”.

Step 1: Install “nmap” Tool

Install “nmap” for scanning hosts and open ports on a network:

sudo dnf install nmap

As illustrated above, you have installed “nmap” version 7.92 on your CentOS 9 machine.

Step 2: Inspect Hosts and Open Ports

Now, let’s scan the hosts and open ports on your network (i.e. localhost):

sudo nmap localhost

Through this command, you can inspect the current status of ports on your network.

How to Open Ports using “iptables”?

Step 1: Open a port (TCP port 8880)

For example, you can open TCP port 8880 by executing the command:

sudo iptables -I INPUT -p tcp --dport 8880 -j ACCEPT

Step 2: Inspect Existing “iptables” Ports

After opening the port, use the command below to list the existing “iptables” rules, including those for ports:

sudo iptables -L -v -n

If you see the port, such as “tcp dpt:8880”, it indicates that the previous command was executed successfully.

How to Close Ports via “iptables”?

Step 1: Close a port (TCP port 8880)

If you want to close a port, such as TCP 8880, you can run the command from your CentOS terminal:

sudo iptables -D INPUT -p tcp --dport 8880 -j ACCEPT

In the above command, “-D” deletes the matching rule. Thus, it will remove/close the specific port (TCP port 8880) on your CentOS 9 system.

Step 2: Confirm the Ports After Closing

To ensure that the port (TCP dpt:8880) has been successfully closed, use the following command to list the “iptables” rules:

sudo iptables -L -v -n

If you don’t see “tcp dpt:8880” in your output, it indicates that the port is no longer open on your CentOS 9 system.
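When reading the listing, the chain policy and any catch-all rule matter as much as the “tcp dpt:8880” line: with an INPUT policy of ACCEPT, a port with no rule of its own is still let through by this chain. The following is an added example (not part of the original tutorial) that reads `iptables -L -v -n` output and reports what the INPUT chain decides for a port; it assumes iptables is the only packet filter in use, and the function name and sample listings are constructed for illustration.

```shell
#!/bin/sh
# Added example. Usage on a live host: sudo iptables -L -v -n | input_port_state 8880
# Prints the target of the first INPUT rule that decides TCP traffic to PORT from
# any source, else "policy:<chain policy>". Rules naming the port but limited to
# one source, destination or interface are only counted ("restricted-rules:N").
input_port_state() {
    awk -v port="$1" '
        /^Chain / {
            active = ($2 == "INPUT")
            if (active) { policy = $4; sub(/\)$/, "", policy) }
            next
        }
        !active || NF < 9 || $1 == "pkts" { next }
        {
            anyaddr = ($6 == "*" && $8 == "0.0.0.0/0" && $9 == "0.0.0.0/0")
            named   = (index($0 " ", " tcp dpt:" port " ") > 0)
            blanket = ($4 ~ /^(all|0|tcp|6)$/ && (NF == 9 || $10 == "reject-with"))
            if (named && !anyaddr) restricted++
            if (verdict == "" && anyaddr && (named || blanket)) verdict = $3
        }
        END {
            out = (verdict != "" ? verdict : "policy:" policy)
            if (restricted) out = out " restricted-rules:" restricted
            print out
        }'
}

# Constructed listings (not captured from a real host).
HDR=' pkts bytes target     prot opt in     out     source               destination'
AFTER_INSERT="Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
$HDR
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:8880"
AFTER_DELETE="Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
$HDR"
HARDENED="Chain INPUT (policy DROP 0 packets, 0 bytes)
$HDR
    0     0 ACCEPT     tcp  --  *      *       10.0.0.0/8           0.0.0.0/0            tcp dpt:8880
    0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited"

for name in AFTER_INSERT AFTER_DELETE HARDENED; do
    eval "listing=\$$name"
    printf '%-13s %s\n' "$name" "$(printf '%s\n' "$listing" | input_port_state 8880)"
done
```

A result of `policy:ACCEPT` after the delete means the rule is gone from the listing but the chain still accepts traffic to the port by default.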

Conclusion

One can open and close ports on CentOS 9 using “Firewalld” and “iptables”. These two tools are simple and commonly used among Linux-based users. If the Firewalld tool is not configured on your CentOS system, you can use the command “sudo dnf install firewalld” to install it on your system.
