#firewall-cmd

Now we need open several port, for connect to VM since others Machines.

First install “firewalld”. Typing “sudo yum install firewalld”

Once is installed “firewalld”, start the service and reboot the Machine

For verify than the service is running, type:

Now, we are creating a “zone”, named “workspaceNet”.

Check list the zones.

Reload the zones and Check again the zones

Now allow two protocols (ssh, http and https) to zone “workspaceNet”

Check 

Now check active zone

In the before image, we can see my interface name “enp0s3”

Now set the interface to zone “workspaceNet”

Now restart the service “network” and reload “firewalld”

Set the new zone “workspaceNet”

Show new active zone

Show interface and service actives:

Now we need add the specific port, show the open ports

Add the port 8088 to zone “workspaceNet”

firewalld commands in Linux

FirewallD (Dynamic Firewall) and Iptables both are similar for packet filtering. The Dynamic Firewall daemon Firewalld offers network zone support for a dynamically controlled firewall to grant a level of trust to a network and its related connections and interfaces. This allows firewall configurations for IPv4 and IPv6. It supports Ethernet bridges and has a different runtime and permanent…

I find that adding logging at the info level is useful when redirecting ssh to a port other than 22 (change the Port option in /etc/ssh/sshd_config to 19356, for example).  firewall-cmd rich rules allow adding far more control over firewall entries,

# firewall-cmd --add-rich-rule="$(cat rule_ssh_obfuscate.txt)" --permanent

The contents of rule_ssh_obfuscate.txt,

# cat rule_ssh_obfuscate.txt

rule family="ipv4" port port="19356" protocol="tcp" log prefix="ssh19356: " level="info" limit value="1/m" accept

# firewall-cmd --reload

# firewall-cmd  --list-rich-rules rule family="ipv4" port port="19356" protocol="tcp" log prefix="ssh19356: " level="info" limit value="1/m" accept

This way I can tell who is attempting to connect to this port in my kernel logs,