How to block specific port on CentOS 8 such as 22

Network services work using some specific port number on computer systems whether it is Linux, Windows, macOS, or any other. For example, the Apache webserver uses port 80 or 443 by default. However, we can change them, but worldwide by default, every service over the internet has its own port number. In case, you want to disable or block any such port numbers on your CentOS 8 server or Desktop Linux system, let say SSH service port that is 22, follow the below tutorial.

Firewall-CMD is the default firewall manager of the CentOS 8/RHEL 8 and here we are using it to show the commands:

Command to block all request for a specific port

firewall-cmd --permanent --add-rule='rule family=ipv4 port port="22" protocol="tcp" reject'

or

firewall-cmd --direct --add-rule ipv4 filter INPUT 1 -m tcp -p tcp --dport 22 -j REJECT

Reload firewall to apply changes:

firewall-cmd --reload

To block port for a single Ip address

firewall-cmd –direct –add-rule ipv4 filter INPUT 1 -m tcp –source ip-address -p tcp –dport 22 -j REJECT

Example: if the IP address is 192.168.0.107, then the command will be in this way:

firewall-cmd --direct --add-rule ipv4 filter INPUT 1 -m tcp --source 192.168.0.107 -p tcp --dport 22 -j REJECT

To unblock it again then the command will be:

firewall-cmd --direct --add-rule ipv4 filter INPUT 1 -m tcp -p tcp --dport 22 -j ACCEPT

Note: You can change the port number in the above command with whatever you want to block. Just replace the 22 with the one you want use and want to disable the access for everybody or some particle system.

 

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.