I have a problem with firewall-cmd on CentOS 7. I have a task:

Allow TCP traffic on port 3306 from ip range 192.168.1.0/24, make sure to add this rule as second rule in the chain

and a second task:

Allow TCP traffic on port 80 from ip range 192.168.1.0/24, make sure to add this rule as first rule in the chain

These are tasks which I found on Google for Linux training. These are tasks that I found on the internet to practice the firewall, but I can't do them.

I tried like this:

```
sudo firewall-cmd --add-source=192.168.5.0/24 --add-port=3306/tcp
```

but I got an error:

```
firewall-cmd: error: argument --add-port: not allowed with argument --add-source
```

In iptables I can do it like this:

```
sudo iptables -A INPUT -i eth0 -p tcp --dport 3306 --source 192.168.1.0/24 -j ACCEPT
```

But how can I do this in firewall-cmd?

Regards, Pawel

PawelC
  • You're gonna need to use rich rules or zones as suggested in this [answer](https://serverfault.com/questions/684602/how-to-open-port-for-a-specific-ip-address-with-firewall-cmd-on-centos) – Geeky Masters Aug 11 '20 at 23:12
  • @GeekyMasters Ok, thank you very much for help :) – PawelC Aug 12 '20 at 07:12
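
An added example, not part of the original post or its comments: a script that builds the rich rules the comment points to, plus firewalld direct rules, whose priority argument gives the first/second ordering the tasks ask for. The function names and the `APPLY` switch are made up for this example; it assumes the default zone and only prints the commands unless `APPLY=1` is set.

```bash
#!/bin/sh
# Added example (not from the thread). Dry run by default: commands are printed.
# Set APPLY=1 and run as root to execute them.
SRC="192.168.1.0/24"   # source range from the two tasks

# Rich rule text: source and port in a single rule, which the
# --add-source/--add-port combination from the question cannot express.
rich_rule() {    # usage: rich_rule CIDR PORT PROTO
    printf 'rule family="ipv4" source address="%s" port port="%s" protocol="%s" accept' "$1" "$2" "$3"
}

# Direct rule arguments: <ipv> <table> <chain> <priority> <iptables args>.
# Priority 0 is placed at the top; higher priorities follow it.
direct_rule() {  # usage: direct_rule PRIORITY CIDR PORT
    printf 'ipv4 filter INPUT %s -p tcp -s %s --dport %s -j ACCEPT' "$1" "$2" "$3"
}

# Execute the command when APPLY=1, otherwise print it (quoting args with spaces).
run() {
    if [ "${APPLY:-0}" = "1" ]; then "$@"; return; fi
    line=""
    for arg in "$@"; do
        case $arg in *' '*) arg="'$arg'" ;; esac
        line="${line:+$line }$arg"
    done
    printf '%s\n' "$line"
}

# Ordered variant: port 80 first, port 3306 second, as the tasks require.
configure_direct() {
    # Unquoted on purpose: the rule text must split into separate arguments.
    run firewall-cmd --permanent --direct --add-rule $(direct_rule 0 "$SRC" 80)
    run firewall-cmd --permanent --direct --add-rule $(direct_rule 1 "$SRC" 3306)
    run firewall-cmd --reload
    run firewall-cmd --direct --get-all-rules    # verify the resulting order
}

# Unordered variant: one rich rule per port in the default zone.
configure_rich() {
    run firewall-cmd --permanent --add-rich-rule="$(rich_rule "$SRC" 80 tcp)"
    run firewall-cmd --permanent --add-rich-rule="$(rich_rule "$SRC" 3306 tcp)"
    run firewall-cmd --reload
    run firewall-cmd --list-rich-rules
}

configure_direct
```
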

0 Answers