After running up a new server, we need to add port to Firewall if we enable Firewall. We can easily add a port to Firewall.

Table of Contents

1. Add Port to Firewall
2. Solution: ‘no route to host’
3. Notes

Add Port to Firewall

Let’s check Firewall is running or not:

sudo firewall-cmd --state

If running, we have to run this command to add any port to Firewall.

sudo firewall-cmd --add-port=8080/tcp  --permanent

If you want to add port to any zone, then first check the available zone:

sudo firewall-cmd --get-active-zones

You will see the zone list. It will say either public, dmz, or something else. To add a port to the public zone, run this:

sudo firewall-cmd --zone=public --add-port=8080/tcp --permanent

Then remember to reload the firewall for changes to take effect.

sudo firewall-cmd --reload

Solution: ‘no route to host’

Sometimes we install and start Apache/Nginx web server and try to visit the server using IP or hostname. At this time, the server doesn’t respond.

If we run the ping command, it may show like this:

“no route to host” with static IP. Not able to ping.

We can easily solve this error. This error means we didn’t open 80 (HTTP) port. For SSL, we need to run 443 (HTTPS) port.

Let’s open the HTTP & HTTPS port by typing these commands:

#HTTP
sudo firewall-cmd --add-service=http                 # Running config
sudo firewall-cmd --add-service=http --permanent     # Startup config

#HTTPS
sudo firewall-cmd --add-service=https                 # Running config
sudo firewall-cmd --add-service=https --permanent     # Startup config

Don’t forget to reload the firewall for changes to take effect.

sudo firewall-cmd --reload

Notes

You may restart your webserver too:

#Apache
sudo systemctl restart httpd

#Nginx
sudo systemctl restart nginx

Here’s some Firewall commands:

sudo systemctl start firewalld
sudo systemctl enable firewalld
sudo systemctl status firewalld
sudo systemctl stop firewalld
sudo systemctl disable firewalld

The tutorial is over. Thanks for reading.