Opening a port with firewalld doesn't seem to work
I have configured sshd to live on a different port. I have opened that port using firewalld:
$ sudo firewall-cmd --zone=public --add-port=22000/tcp --permanent
Listing rules shows port 22000 is open:
$ sudo firewall-cmd --permanent --zone=public --list-all
public (default)
  interfaces:
  sources:
  services: dhcpv6-client ssh
  ports: 22000/tcp
  masquerade: no
  forward-ports:
  icmp-blocks:
  rich rules:
However I cannot log in from a remote host to port 22000. If I use iptables, it works:
$ sudo iptables -I INPUT -p tcp --dport 22000 -j ACCEPT
I can now log in. But how can I open the port with Firewalld?
Edit: As requested:
$ sudo firewall-cmd --get-default-zone
public
And:
$ firewall-cmd --get-active-zones
public
  interfaces: eth0 eth1
Solution 1:
See the firewalld docs:
The permanent option --permanent can be used to set options permanently. These changes are not effective immediately, only after service restart/reload or system reboot. Without the --permanent option, a change will only be part of the runtime configuration.
When using the --permanent option, you should reload the configuration with firewall-cmd --reload. This is because the --permanent option writes changes to the saved configuration, not into the running config.
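The runtime/permanent split described in this answer can be checked directly. The script below is an added example, not part of the original answer or of firewalld itself: it compares the two port lists for a zone and reports ports that are saved but not yet live, and ports that are live but will vanish on the next reload. The function names and the sample values are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: report drift between firewalld's runtime and permanent
# port lists. Function names are hypothetical, not part of firewalld.

# ports_only_in A B: print entries of space-separated list A missing from B.
ports_only_in() {
    for p in $1; do
        case " $2 " in
            *" $p "*) ;;                 # present in both lists
            *) printf '%s\n' "$p" ;;     # only in A
        esac
    done
}

# port_drift RUNTIME PERMANENT: one line per mismatched port.
#   pending-reload: saved with --permanent but not active yet
#   runtime-only:   active now, lost on reload or reboot
port_drift() {
    for p in $(ports_only_in "$2" "$1"); do
        echo "pending-reload $p"
    done
    for p in $(ports_only_in "$1" "$2"); do
        echo "runtime-only $p"
    done
}

# check_zone ZONE: query the live firewall (needs firewall-cmd, usually root).
# Returns 0 if both lists agree, 1 on drift, 2 if firewall-cmd fails.
check_zone() {
    zone=$1
    runtime=$(firewall-cmd --zone="$zone" --list-ports) || return 2
    permanent=$(firewall-cmd --permanent --zone="$zone" --list-ports) || return 2
    drift=$(port_drift "$runtime" "$permanent")
    if [ -z "$drift" ]; then
        return 0
    fi
    printf '%s\n' "$drift"
    return 1
}

# Constructed sample matching the question: the port was added with
# --permanent only, so the runtime list is still empty.
SAMPLE_RUNTIME=""
SAMPLE_PERMANENT="22000/tcp"
port_drift "$SAMPLE_RUNTIME" "$SAMPLE_PERMANENT"
```

On a real host, call check_zone public as root. A pending-reload entry is cleared by firewall-cmd --reload, and a runtime-only entry can be kept with firewall-cmd --runtime-to-permanent, which saves the whole runtime configuration.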