I cannot connect after enabling Firewalld on CentOS7


I'm trying to set up LAMP on CentOS7 with a guide. I tried to run these commands to allow HTTP and HTTPS traffic:

sudo firewall-cmd --permanent --zone=public --add-service=http 
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --reload

But the system gives this error:

FirewallD is not running

So I searched for it, then applied these commands:

systemctl enable firewalld
systemctl start firewalld

Then it printed "completed" output, but my connection was aborted and I cannot connect to the server with IP:Port with PuTTY anymore.

What should I do? The only access to the server was that way for me. I have no physical access to the server.


There are 3 answers

2
Simon (BEST ANSWER)

It looks like you locked yourself out, as you did not specify that ssh should also be allowed:

sudo firewall-cmd --permanent --zone=public --add-service=http 
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --permanent --zone=public --add-service=ssh
sudo firewall-cmd --reload

The guide above seems to assume that ssh is already allowed.

> What should I do? The only access to the server was that way for me. I have no physical access to the server.

So at this point the only way to access the server will typically be via the VM console of your hosting provider / virtualisation solution. Almost all providers will allow you access to that console, so you should try to do that. Once logged in via the console, you can then run the above command to allow SSH to regain access via SSH.

0
Jamiul Islam

Open the file below: vi /usr/sbin/firewalld

#!/usr/bin/python2.7 -Es
# -*- coding: utf-8 -*-

Note: if your python version is only python or another version, then rename it python2.7

then systemctl start firewalld

0
Zack K.

I had the same problem, but this is what solved it for me.

Once you install Firewalld DO NOT enable it via systemctl enable firewalld

After install, run systemctl start firewalld and then add ssh and other zones

sudo firewall-cmd --permanent --zone=public --add-service=http 
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --permanent --zone=public --add-service=ssh
sudo firewall-cmd --reload

At the end, when everything is done and all your zones are correct, run systemctl enable firewalld
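
Added example, not part of any answer above: a pre-flight check that compares the port sshd listens on with the zone's permanent configuration before firewalld is started over SSH, then starts it (without enabling it) behind a timer that stops it again if the new rules lock you out. The function names and the fw-rollback unit name are hypothetical. It assumes root, the stock "ssh" service definition (22/tcp only), a firewall-offline-cmd that supports --list-services and --list-ports, and a systemd-run that supports --on-active.

```bash
#!/bin/sh
# Added example, not from the thread. Assumes root, the stock "ssh" service
# (22/tcp only), and a firewall-offline-cmd that supports --list-services/--list-ports.
ZONE="${ZONE:-public}"

# ssh_reachable PORT "SERVICES" "PORTS": succeeds if the zone's permanent
# configuration would accept new TCP connections to PORT.
ssh_reachable() {
    port=$1
    case " $2 " in
        *" ssh "*) if [ "$port" = 22 ]; then return 0; fi ;;
    esac
    for entry in $3; do
        case $entry in
            */tcp) range=${entry%/tcp} ;;
            *) continue ;;
        esac
        lo=${range%-*}; hi=${range#*-}   # "2222" gives lo=hi; "8000-8100" is a range
        if [ "$port" -ge "$lo" ] && [ "$port" -le "$hi" ]; then return 0; fi
    done
    return 1
}

# Ports sshd actually listens on, taken from its effective configuration.
sshd_ports() { sshd -T 2>/dev/null | awk '$1 == "port" { print $2 }'; }

# Check every sshd port against the permanent config; firewall-offline-cmd
# reads it while the daemon is still stopped.
preflight() {
    services=$(firewall-offline-cmd --zone="$ZONE" --list-services) || return 1
    ports=$(firewall-offline-cmd --zone="$ZONE" --list-ports) || return 1
    listen=$(sshd_ports)
    [ -n "$listen" ] || { echo "could not read sshd ports" >&2; return 1; }
    for p in $listen; do
        if ! ssh_reachable "$p" "$services" "$ports"; then
            echo "zone $ZONE does not allow sshd port $p/tcp" >&2
            return 1
        fi
    done
}

# Start (do not enable) firewalld with a timer that stops it again unless
# cancelled from a NEW ssh session: systemctl stop fw-rollback.timer
safe_start() {
    preflight || return 1
    systemd-run --on-active="${ROLLBACK_SECS:-300}" --unit=fw-rollback \
        systemctl stop firewalld || return 1
    systemctl start firewalld
}
```

Source the file as root and call safe_start; once a new SSH login succeeds, cancel the timer and only then run systemctl enable firewalld.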