Open Ports firewalld

Learn how to open ports with firewalld using Linux commands, verification steps, common mistakes, and related administrator guidance.

Introduction

This guide covers opening ports with firewalld from an administrator's terminal. The goal is to configure or verify networking without guessing which layer is broken.

When You Need This

Use this workflow when a host cannot reach another system, name resolution fails, a route is missing, a port is blocked, or NetworkManager configuration needs to be persistent.

Key Files and Commands

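sudo firewall-cmd --state              # is firewalld running?
sudo firewall-cmd --get-active-zones   # active zones and the interfaces bound to them
sudo firewall-cmd --list-all           # runtime rules of the default zone
sudo ss -tulpn                         # listening TCP/UDP sockets and their owning processes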

Important areas to check are firewalld zone selection, runtime versus permanent rules, and listening processes. On RHEL-style systems, NetworkManager and firewalld are usually part of the answer.

Step-by-Step Configuration

Start by viewing live state, then change the persistent connection profile if needed. For NetworkManager-managed systems, prefer persistent profiles over runtime-only changes.

sudo firewall-cmd --state
sudo firewall-cmd --get-active-zones
sudo firewall-cmd --list-all

Verification

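sudo ss -tulpn
sudo firewall-cmd --add-service=http --permanent   # written to the permanent configuration only
sudo firewall-cmd --reload                         # load the permanent configuration into the runtime
sudo firewall-cmd --list-all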

A healthy result should look similar to:

public (active)
services: cockpit dhcpv6-client ssh http
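
An added example, not part of the original guide: a shell check for drift between the runtime and permanent firewalld configuration, the "runtime versus permanent rules" area named above. The function names and sample lists are constructed for illustration; the only `firewall-cmd` options used are `--permanent`, `--zone`, `--list-services` and `--list-ports`.

```sh
#!/bin/sh
# Added example: report firewalld rules that differ between runtime and permanent config.
# Function names and sample lists are constructed for illustration.

# Print each item of space-separated list $1 that is absent from list $2.
only_in() {
    haystack=" $(printf '%s ' $2)"          # normalise whitespace: " a b c "
    for item in $1; do
        case "$haystack" in
            *" $item "*) ;;                 # present in both lists
            *) printf '%s\n' "$item" ;;
        esac
    done
}

# fw_drift KIND RUNTIME_LIST PERMANENT_LIST
fw_drift() {
    kind=$1 runtime=$2 permanent=$3
    for item in $(only_in "$runtime" "$permanent"); do
        printf 'runtime-only %s %s (lost on reload or reboot)\n' "$kind" "$item"
    done
    for item in $(only_in "$permanent" "$runtime"); do
        printf 'permanent-only %s %s (inactive until --reload)\n' "$kind" "$item"
    done
}

# Query a live host (needs root and a running firewalld).
audit_zone() {
    zone=$1
    fw_drift service "$(firewall-cmd --zone="$zone" --list-services)" \
                     "$(firewall-cmd --permanent --zone="$zone" --list-services)"
    fw_drift port "$(firewall-cmd --zone="$zone" --list-ports)" \
                  "$(firewall-cmd --permanent --zone="$zone" --list-ports)"
}

# Constructed sample: http added with --permanent only, 8080/tcp added at runtime only.
fw_drift service "cockpit dhcpv6-client ssh" "cockpit dhcpv6-client ssh http"
fw_drift port "8080/tcp" ""

# On a real host, pass the zone name as the first argument, e.g. "public".
if [ -n "${1:-}" ] && command -v firewall-cmd >/dev/null 2>&1; then
    audit_zone "$1"
fi
```

An empty report means the runtime and permanent rule sets agree for that zone; any line it prints is a rule that will appear or disappear at the next reload.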

Troubleshooting

Check interface state, IP address, default route, DNS server, firewall zone, and listening process. If a connection works by IP but not by name, focus on DNS. If DNS works but traffic fails, focus on routes, firewall, and service binding.

Common Mistakes

  • Making several changes at once, which hides the real cause.
  • Skipping logs or verification commands after a change.
  • Assuming the problem is fixed because one command returned successfully.

Quick Checklist

  • Confirm link state and IP address.
  • Confirm default gateway and specific routes.
  • Confirm DNS separately from IP connectivity.
  • Check listening sockets and firewall zones.
  • Make persistent changes through NetworkManager when appropriate.

Summary

Good Linux networking work separates address, route, DNS, firewall, and service checks. Verify each layer before moving to the next one.