Linux Firewalld Setup - Failed again

Please help me to understand the question:

cat /etc/httpd/conf/httpd.conf | grep Listen
yum install firewalld -y
systemctl start firewalld && systemctl enable firewalld && systemctl status firewalld
firewall-cmd --state && firewall-cmd --reload

sudo firewall-cmd --permanent --zone=public --add-port=8080/tcp
sudo firewall-cmd --reload
sudo systemctl restart firewalld
sudo firewall-cmd --zone=public --list-all
systemctl status nginx && systemctl status httpd

Did you allow the nginx port and add the LoadBalancer rich rule in firewalld?

I did the same:

@Inderpreet … nginx service is running on stapp01, still it says nginx is not reachable on app server 1

firewall-cmd --zone=public --add-port=8098/tcp --permanent #Nginx
firewall-cmd --permanent --zone=public --add-service=https
firewall-cmd --permanent --zone=public --add-service=http
firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="172.16.238.14" port port=3000 protocol=tcp accept' #Forward traffic from LB to Apache

Don’t forget to add the interface
firewall-cmd --permanent --zone=public --change-interface=eth0

Validate your configuration
firewall-cmd --get-active-zones
firewall-cmd --zone=public --list-all

Hi @Inderpreet, I’m facing an issue with the lab while doing the firewalld task.
The service isn’t starting.

Hi,
The Db exception can be fixed by restarting the services below:

sudo systemctl restart dbus
sudo systemctl restart firewalld

Try with this command iptables -F, it’s working for me, and just try to connect after using this command.

Hi @ramith

I get an error when I run the last command (apache)

Could you please help me how to fix this.

@yogendra you have to add a rich rule as I have mentioned :slight_smile:
firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="172.16.238.14" port port=5003 protocol=tcp accept'

Hi ramith,

I get errors when running rich rule command:

Is there something wrong with the command? I’m unable to complete this step.

I’ve had problems with single quote character

Hey!
Try firewall-cmd --permanent --zone=public --add-rich-rule='rule family=ipv4 source address=172.16.238.14 port port=<apache_port> protocol=tcp accept'

Thanks, it worked later, as the issue was with " ’ "

I used the below commands and the Nginx service is also running, but still, the task failed.

sudo yum install firewalld -y
sudo systemctl start firewalld
sudo systemctl enable firewalld
sudo firewall-cmd --zone=public --add-port=8093/tcp --permanent
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="172.16.238.14" port port=5000 protocol=tcp accept'

@Tej-Singh-Rana @sudheer @AdithiR @Montbra @ramith @Inderpreet

This task can be completed with a few steps (the questions are the major hints).
Let me know if anyone needs help with this task.

If anyone wants to know where they made a mistake, go through this for better understanding.

@swatip

Seems like you haven’t blocked the Apache port for all others except for the LB host. What is the error you got after submitting the task?

For Tutorial/Solution
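The check the replies above keep coming back to (nginx port open to everyone, Apache port reachable only from the LB host), as an added example that is not part of the thread or the lab's own grader. It audits the text printed by `firewall-cmd --zone=public --list-all`; the function names and the sample listing are constructed for illustration, and the ports 8098 and 3000 and the address 172.16.238.14 are taken from the commands posted above.

```sh
#!/bin/sh
# audit_zone NGINX_PORT APACHE_PORT LB_IP   (hypothetical helper name)
# Reads the text of `firewall-cmd --zone=public --list-all` on stdin,
# prints one line per finding, and returns 0 only when there are none.
audit_zone() {
    awk -v nginx="$1" -v apache="$2" -v lb="$3" '
        # The "ports:" line lists ports open to every source address.
        /^[ \t]*ports:/ { for (i = 2; i <= NF; i++) wide[$i] = 1 }
        # Rich rules are listed one per line, each starting with "rule".
        /^[ \t]*rule / {
            if (index($0, "source address=\"" lb "\"") &&
                index($0, "port port=\"" apache "\"") &&
                index($0, "protocol=\"tcp\"") && $NF == "accept")
                lb_rule = 1
        }
        END {
            if (!((nginx "/tcp") in wide)) {
                print "nginx port " nginx "/tcp is not open"; bad = 1 }
            if ((apache "/tcp") in wide) {
                print "apache port " apache "/tcp is open to all sources"; bad = 1 }
            if (!lb_rule) {
                print "no rich rule accepts " lb " on " apache "/tcp"; bad = 1 }
            exit bad + 0
        }'
}

# Constructed listing, not captured from a real host.
# $1 is the content of the "ports:" line.
sample_listing() {
    cat <<EOF
public (active)
  interfaces: eth0
  services: http https ssh
  ports: $1
  rich rules:
    rule family="ipv4" source address="172.16.238.14" port port="3000" protocol="tcp" accept
EOF
}

# Apache port also added with --add-port: flagged as open to all sources.
sample_listing "8098/tcp 3000/tcp" | audit_zone 8098 3000 172.16.238.14 || true
```

On a real host the input would be `firewall-cmd --zone=public --list-all | audit_zone <nginx_port> <apache_port> <lb_ip>`.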