Task 1: Linux firewalld rules

Hi,
My task was to add a firewall rule to allow port 6300 on the backup server.
I have added this to the backup server using the command:
sudo iptables -A IN_public_allow -p tcp --dport 6300 -m conntrack --ctstate NEW,UNTRACKED -j ACCEPT

I was also able to telnet the server with the same port

Could you please let me know why the task failed…

Hi Subhasree,

I think you were supposed to use firewalld instead of iptables to complete the task; that’s why it failed.

Regards,
Salim Rashid

Right, it is asked in the question to use firewalld not iptables.

Hi, I used the firewalld command and I still failed.

Did you check the ports after you ran the reload to test whether the ports are applied in the firewall or not?

firewall-cmd --zone=public --list-all

It's good to always take a minute to test and verify the port from any other host.

Hi,

I did use firewalld and set it permanent and still it failed. Can you please let me know where I went wrong.

@deb

When you add any rule with the --permanent option, you must reload/restart the firewalld service to save the same.

@Inderpreet

Thank you.

Hi Subha,

You can use the commands below to allow the port permanently:

sudo firewall-cmd --permanent --zone=public --add-port=6300/tcp
sudo firewall-cmd --reload
sudo systemctl restart firewalld
sudo firewall-cmd --zone=public --list-all

Regards,
Siva

3 Likes
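
An added example, not part of any reply in this thread: a shell helper that reports whether a port is open in firewalld's runtime configuration, its permanent configuration, or both, which is the distinction the --permanent and --reload replies above turn on. The function names and the sample port lists are constructed for illustration; the only firewalld call used is `firewall-cmd --list-ports`.

```bash
#!/usr/bin/env bash
# Added example (hypothetical helper names, not from the thread).

# port_in_list PORT/PROTO "LIST": succeeds if LIST (space-separated output of
# `firewall-cmd --list-ports`) covers the port, either exactly or via a range
# such as 6000-7000/tcp.
port_in_list() {
    local want_port="${1%/*}" want_proto="${1#*/}" entry range lo hi
    for entry in $2; do
        [ "${entry#*/}" = "$want_proto" ] || continue
        range="${entry%/*}"
        lo="${range%-*}"; hi="${range#*-}"
        if [ "$want_port" -ge "$lo" ] && [ "$want_port" -le "$hi" ]; then
            return 0
        fi
    done
    return 1
}

# classify_port PORT/PROTO "RUNTIME_LIST" "PERMANENT_LIST"
#   both            open now and after a reload or reboot
#   permanent-only  saved, but not active until `firewall-cmd --reload`
#   runtime-only    active now, lost on the next reload or restart
#   neither         not a firewalld port rule; a rule added directly with
#                   iptables, or a port opened through a service, lands here
classify_port() {
    local rt=no pm=no
    port_in_list "$1" "$2" && rt=yes
    port_in_list "$1" "$3" && pm=yes
    case "$rt/$pm" in
        yes/yes) echo "both" ;;
        no/yes)  echo "permanent-only" ;;
        yes/no)  echo "runtime-only" ;;
        *)       echo "neither" ;;
    esac
}

# check_zone_port PORT/PROTO [ZONE]: query the live firewalld (run as root).
check_zone_port() {
    local zone="${2:-public}"
    classify_port "$1" \
        "$(firewall-cmd --zone="$zone" --list-ports)" \
        "$(firewall-cmd --permanent --zone="$zone" --list-ports)"
}

# Constructed sample: port added with --permanent, reload not yet run.
classify_port 6300/tcp "22/tcp" "22/tcp 6300/tcp"
```

On the backup server itself, `check_zone_port 6300/tcp public` runs the same comparison against the live firewalld.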

You need to log in to your backup server and run some commands. Tutorial: Linux Firewalld Rules KodeKloud

2 Likes

You must set the network interface to the public zone.