
I have an issue with firewalld where I opened some ports and now want to close them. For example, I opened tcp/3000 in the public zone and now want to close it. So far I've tried this:

  firewall-cmd --zone=public --remove-port=3000/tcp
  firewall-cmd --runtime-to-permanent
  firewall-cmd --reload

After running that, I ran

  firewall-cmd --list-all-zones

and it shows that the public zone no longer has that port open:

  public (active)
    target: default
    icmp-block-inversion: no
    interfaces: eth0
    sources:
    services: ssh dhcpv6-client http https
    ports: 8080/tcp 500/udp 4500/udp 80/udp 443/udp 7070/udp 5555/tcp 1514/tcp 514/tcp 8086/tcp 8082/tcp 10051/tcp 1514/udp 12201/udp 12201/tcp 514/udp 9200/tcp 5044/tcp 5601/tcp 80/tcp 443/tcp 3306/tcp 5000/tcp 5002/tcp 87/tcp
    protocols:
    masquerade: no
    forward-ports:
    source-ports:
    icmp-blocks:
    rich rules:

However, I can still access my Grafana instance on that port. From there I tried to run

  sudo systemctl restart firewalld

But it's still letting the traffic through.

Kagashe
  • 11

1 Answer


I know you flagged --list-all-zones and did not see port 3000/tcp open, but:

1- Just to be sure, can you grep all files in /etc/firewalld/zones/*.xml for "3000"?
2- grep for "3000" in /usr/lib/firewalld/zones/*.xml
3- Check the logs
4- Double check if iptables is not running and allowing port 3000

yield
  • 858
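The checks the answer lists, as an added script that is not from the question or the answer: it greps the permanent zone files under /etc/firewalld/zones and /usr/lib/firewalld/zones, asks firewalld for its runtime port list, and then looks at iptables-save and nft output for an accept rule that firewalld does not own. The helper names, the default 3000/tcp and the sample inputs in the comments are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the question or answer: audit where PORT/PROTO may still
# be allowed after `firewall-cmd --remove-port` (checks 1, 2 and 4 of the answer,
# plus firewalld's runtime view). The three helpers read text from stdin so they
# can be run against constructed samples; audit_port feeds them the real sources.
PORT="${1:-3000}"
PROTO="${2:-tcp}"

# 0 if a firewalld zone XML on stdin has a <port> element for $1/$2 (either
# attribute order). Rich rules, forward-ports and source-ports are not covered.
zone_xml_has_port() {
    grep -Eq "<port [^>]*(port=\"$1\"[^>]*protocol=\"$2\"|protocol=\"$2\"[^>]*port=\"$1\")"
}

# 0 if `firewall-cmd --list-ports` output on stdin contains exactly $1/$2.
runtime_lists_port() {
    grep -Eq "(^| )$1/$2( |$)"
}

# 0 if iptables-save or `nft list ruleset` text on stdin has an accept rule for
# dport $1. Port sets such as `dport { 3000, 3001 }` are not matched.
rules_allow_port() {
    grep -Eq "dport $1( |$).*(-j ACCEPT|accept)"
}

audit_port() {
    hit=1
    for f in /etc/firewalld/zones/*.xml /usr/lib/firewalld/zones/*.xml; do
        [ -r "$f" ] || continue
        zone_xml_has_port "$1" "$2" < "$f" && { echo "zone file opens $1/$2: $f"; hit=0; }
    done
    if command -v firewall-cmd >/dev/null 2>&1; then
        for z in $(firewall-cmd --get-zones 2>/dev/null); do
            firewall-cmd --zone="$z" --list-ports 2>/dev/null | runtime_lists_port "$1" "$2" \
                && { echo "runtime zone $z lists $1/$2"; hit=0; }
        done
    fi
    # Rules inserted outside firewalld (check 4 in the answer) show up here.
    command -v iptables-save >/dev/null 2>&1 && iptables-save 2>/dev/null | rules_allow_port "$1" \
        && { echo "iptables has an ACCEPT rule for dport $1"; hit=0; }
    command -v nft >/dev/null 2>&1 && nft list ruleset 2>/dev/null | rules_allow_port "$1" \
        && { echo "nftables has an accept rule for dport $1"; hit=0; }
    return $hit
}

if audit_port "$PORT" "$PROTO"; then
    echo "$PORT/$PROTO is still allowed; see the lines above"
else
    echo "no rule opening $PORT/$PROTO found in firewalld zones, iptables or nft"
fi
```

Run it as root so iptables-save and nft can read the live rule set; a hit in the zone files means the removal never reached the permanent configuration, while a hit only in iptables or nft points at a rule firewalld did not create.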