open all ports to specific IP with firewalld
I'm on a Red Hat 7 machine, and I need to open all ports to a specific IP on the firewall.
I tried this command:
firewall-cmd --permanent --zone=public --add-rich-rule=' rule family="ipv4" source address="64.39.96.0/20" port protocol="tcp" port="*" accept'
But I'm getting an invalid port error for the *.
Does anyone know and can tell me how to do this correctly?
Use a firewalld zone for this. Zones can be specified either by interface or by source IP address.
In fact, by default, a zone which accepts all traffic already exists, and it is named trusted. By default, though, nothing is in this zone. So, you don't even need to create a zone, just add the IP address to the trusted zone.
firewall-cmd --zone=trusted --add-source=64.39.96.0/20
In addition to CIDR ranges, you can specify single IP addresses or ipset names prefixed with ipset:.
After this, all traffic from the specified addresses will be allowed on any port. Remember to make it permanent, either by repeating the command with --permanent appended, or by running firewall-cmd --runtime-to-permanent.
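An added example, not part of the original answer: since the trusted zone accepts all traffic from its sources, this script audits which sources are bound to it and whether the runtime and permanent configuration agree. The function names, the ipset name "scanners" and the /24 threshold are assumptions made for this example.

```shell
#!/bin/sh
# Added example: audit the firewalld "trusted" zone, which accepts all
# traffic from every source bound to it.

# source_drift RUNTIME PERMANENT
# Arguments are the space-separated output of --list-sources. Prints one
# line per source whose runtime and permanent configuration disagree.
source_drift() {
    rt=" $(echo $1) "; pm=" $(echo $2) "   # normalise whitespace
    for s in $1; do
        case "$pm" in *" $s "*) ;; *) echo "runtime-only $s" ;; esac
    done
    for s in $2; do
        case "$rt" in *" $s "*) ;; *) echo "permanent-only $s" ;; esac
    done
}

# broad_sources LIST MIN_PREFIX
# Flags IPv4 CIDR sources wider than /MIN_PREFIX and lists ipsets, whose
# members have to be reviewed separately.
broad_sources() {
    for s in $1; do
        case "$s" in
            ipset:*) echo "review-ipset ${s#ipset:}" ;;
            *.*.*.*/*)
                if [ "${s##*/}" -lt "$2" ] 2>/dev/null; then echo "broad $s"; fi ;;
        esac
    done
}

if command -v firewall-cmd >/dev/null 2>&1; then
    runtime=$(firewall-cmd --zone=trusted --list-sources 2>/dev/null || true)
    permanent=$(firewall-cmd --permanent --zone=trusted --list-sources 2>/dev/null || true)
else
    # Constructed sample: the answer's range added at runtime only, plus a
    # hypothetical ipset named "scanners" present in both configurations.
    runtime="64.39.96.0/20 ipset:scanners"
    permanent="ipset:scanners"
fi
source_drift "$runtime" "$permanent"
broad_sources "$runtime" 24
```

A "runtime-only" line means the source will disappear on the next reload or reboot; a "permanent-only" line means it is saved but not active yet.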