Firewalld - firewall-cmd - allow or deny a protocol

If you are not familar with firewalld and the firewall-cmd, check out our Getting Started article.

The --add-port=port_number/protocol option can be used to allow connections to a protocol.

firewall-cmd --add-protocol=smb2 --permanent
firewall-cmd --reload


Or --remove-port=port_number/protocol to remove a protocol

firewall-cmd --remove-protocol=smb --permanent
firewall-cmd --reload


The --check-config command can be used to ensure there are no configuration errors.

~]$ firewall-cmd --check-config


firewall-cmd --list-all will show the allowed protocol.

~]# firewall-cmd --list-all
  target: default
  icmp-block-inversion: no
  interfaces: eth0
  protocols: smb2
  masquerade: no
  rich rules:

Did you find this article helpful?

If so, consider buying me a coffee over at Buy Me A Coffee

Add a Comment

We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.

Please enter ddcfa in the box below so that we can be sure you are a human.