How to Open Port for a Specific IP Address in Firewalld

The best way is to create a new firewalld zone and we add the specific IP to that zone.

To start with lets create an appropriate zone, in this example we will call the zone webmin-access and open webmin to 1 specific IP address.

The port will be 10000 tcp and the IP will be 10.20.30.40/24


Create new firewalld zone

Its best to create the zone name so it means something to you, in this example as we are going to give access to webmin. The zone I will create below will be called webmin-access

# firewall-cmd --new-zone=webmin-access --permanent

Next we reload firewalld and then issue the get-zones so we can see the new zone

# firewall-cmd --reload
# firewall-cmd --get-zones

We will now add the IP, port that you want to access the new zone and reload firewalld

# firewall-cmd --zone=webmin-access --add-source=10.20.30.40/24 --permanent
# firewall-cmd --zone=webmin-access --add-port=10000/tcp --permanent
# firewall-cmd --reload

Now we need to check that the new zone webmin-access has the details that we added above

# firewall-cmd --zone=webmin-access --list-all

Remove IP or Port from firewalld

This will remove the IP as below

# firewall-cmd --zone=webmin-access --remove-source=10.20.30.40/20 --permanent
# firwall-cmd --reload

To remove a port from the zone, issue the below command, in the example below we will remove the port 10000 that we added above.

# firewall-cmd --zone=webmin-access --remove-port=10000/tcp --permanent
# firwall-cmd --reload

Remove zone from firewalld

Finally we will now remove the zone that we created earlier

# firewall-cmd --permanent --delete-zone=webmin-access
# firewall-cmd --reload

Was this post helpful?

Total Page Visits: 2092 - Today Page Visits: 1