Network services listen on specific port numbers, whether the system runs Linux, Windows, macOS, or anything else. For example, the Apache web server uses port 80 or 443 by default. These ports can be changed, but every common service has its own default port number. If you want to disable or block such a port on your CentOS 8 server or desktop Linux system, for example port 22 used by the SSH service, follow the tutorial below.
firewall-cmd is the command-line client for firewalld, the default firewall manager of CentOS 8/RHEL 8, and we use it here to show the commands:
Command to block all requests for a specific port
firewall-cmd --permanent --add-rich-rule='rule family="ipv4" port port="22" protocol="tcp" reject'
or
firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT 1 -m tcp -p tcp --dport 22 -j REJECT
Reload the firewall to apply the permanent changes (a reload discards rules that were added without --permanent):
firewall-cmd --reload
To block the port for a single IP address
firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT 1 -m tcp --source ip-address -p tcp --dport 22 -j REJECT
Example: if the IP address is 192.168.0.107, the command becomes:
firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT 1 -m tcp --source 192.168.0.107 -p tcp --dport 22 -j REJECT
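To unblock it again, remove the reject rule by passing the same arguments to --remove-rule (keep --permanent only if the rule was added with it), then reload the firewall. Adding an ACCEPT rule at the same priority does not reliably override the existing REJECT rule:
firewall-cmd --permanent --direct --remove-rule ipv4 filter INPUT 1 -m tcp -p tcp --dport 22 -j REJECT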
Note: You can change the port number in the above commands to whatever you want to block. Just replace 22 with the port you want to disable access to, for everybody or for a particular system.
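To confirm what the direct rules above actually block, the following added example (not part of the original tutorial) parses the line format printed by firewall-cmd --direct --get-all-rules and reports which sources are rejected or dropped for a TCP port. The function names and the sample rules are constructed for illustration; rich rules are not covered and are listed separately with firewall-cmd --list-rich-rules.

```shell
#!/bin/sh
# Added example: audit direct rules for a blocked TCP port.
# Input line format (as printed by `firewall-cmd --direct --get-all-rules`):
#   <ipv> <table> <chain> <priority> <iptables args...>

# blocked_sources PORT   (rules on stdin)
# Prints, for every INPUT rule that rejects or drops tcp/PORT,
# the --source value, or "any" when the rule has no source match.
blocked_sources() {
    awk -v port="$1" '
    $3 == "INPUT" {
        src = "any"; dport = ""; target = ""; proto = ""
        for (i = 5; i < NF; i++) {
            if ($i == "--source" || $i == "-s") src = $(i + 1)
            else if ($i == "--dport") dport = $(i + 1)
            else if ($i == "-p") proto = $(i + 1)
            else if ($i == "-j") target = $(i + 1)
        }
        if (proto == "tcp" && dport == port &&
            (target == "REJECT" || target == "DROP"))
            print src
    }'
}

# port_state PORT   (rules on stdin)
# Prints "all" (blocked for everybody), "some" (blocked for listed
# sources only) or "none" (no direct rule blocks the port).
port_state() {
    srcs=$(blocked_sources "$1")
    if [ -z "$srcs" ]; then
        echo none
    elif printf '%s\n' "$srcs" | grep -qx any; then
        echo all
    else
        echo some
    fi
}

# Constructed sample in the --get-all-rules output format.
SAMPLE_RULES='ipv4 filter INPUT 1 -m tcp --source 192.168.0.107 -p tcp --dport 22 -j REJECT
ipv4 filter INPUT 1 -m tcp -p tcp --dport 8080 -j REJECT
ipv4 filter INPUT 1 -m tcp -p tcp --dport 443 -j ACCEPT'

# Live use (as root), once against each configuration:
#   firewall-cmd --direct --get-all-rules | port_state 22
#   firewall-cmd --permanent --direct --get-all-rules | port_state 22
```

If the runtime and permanent results differ, the rule was either added without --permanent or the firewall has not been reloaded yet.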