Open a port for an IP range

Friday, Jun 8, 2018
Linux security

Using firewalld this is a so called rich rule. To open the ssh port for you have to do like this:

firewall-cmd --permanent --zone=home --add-rich-rule='
  rule family="ipv4"
  source address=""
  port protocol="tcp"

assuming you have just enabled dhcpv6-client as a service our XML looks like something like this:

<?xml version="1.0" encoding="utf-8"?>
  <description>For use in work areas. You mostly trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted.</description>
  <service name="dhcpv6-client"/>
  <rule family="ipv4">
    <source address=""/>
    <port protocol="tcp" port="22"/>

Do not forget to reload you firewall configuration using firewall-cmd --reload