In this guide, I’m going to show how to open FTP port 21 with firewalld in CentOS / RHEL. Let’s start:

Table of Contents

1. Check firewalld Status
2. Check Active Zones
3. Open Port 21 in Public Zone
4. Check Services & Ports List
5. Remove FTP Port 21

Step 1 : Check firewalld Status

First, let’s check the firewalld’s status:

sudo firewall-cmd --state

Response:

running

Step 2 : Check Active Zones

We can open 21 port in any available zone.

sudo firewall-cmd --get-active-zones

Response:

public
  interfaces: eth0

Step 3 : Open Port 21 in Public Zone

In my test server, there is only one zone available called public. Normally all server has this public zone and most of the users choose public zone to open port. Let’s open 21 port in public zone:

To add temporarily, we have to run this command:

sudo firewall-cmd --zone=public --add-service=ftp

To add permanently, we have to run this command:

sudo firewall-cmd --zone=public --permanent --add-service=ftp

After adding port, we need to reload firewalld:

sudo firewall-cmd --reload

Step 4 : Check Services & Ports List

Now we can verify the running port and services of our server. To see the list, we need to run this command:

sudo firewall-cmd --list-all

Response:

public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eth0
  sources:
  services: ssh dhcpv6-client ftp http https
  ports: 21/tcp
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:

Step 5 : Remove FTP Port 21

If we need to remove the FTP port, we can do it easily:

sudo firewall-cmd --zone=public --permanent --remove-service=ftp

After removing the port, again we need to reload the firewalld:

sudo firewall-cmd --reload

That’s all. Thanks for reading.