Firewall is on

The firewall is active. You cannot directly open ports, even not

  • as superuser
  • those above 1024
This can be confusing because a command such as:
python -m SimpleHTTPServer 8000

works as expected for webbrowsers on the same systems while remote systems get a message like:

Connecting to pclin270|131.155.70.208|:8000... failed: No route to host.

No dialogue appears from the firewall to warn you for this issue.

Firewall configuration

To change the firewall settings:

sudo /usr/bin/firewall-config

and add the required ports. Note that

  • Runtime is a kind of program lifecycle phase, but in a more specific sense, that is, applying only to the current uptime's lifecycle phase . In other words, not surviving reboot or not Permanent.

    This is explained by a tooltip but you will easily miss that if you click too fast.

  • Permanent is permanent in the sense of surviving reboot. To make Runtime settings, including newly added services, Permanent, apply
    Options → Reload Firewalld
    or reboot.

    Services can only be added here, and will be registered in /etc/firewalld/services You will not see the pre-defined services there, they reside in /usr/lib/firewalld/services.

See also

docs.fedoraproject.org - Security_Guide

Contact us | Webmaster

Questions? Mail to helpdesk.win@tue.nl