Open firewall port on CentOS 7 [closed]

Question

I am using CentOS 7 and I have to ensure that ports 2888 and 3888 are open.

I read this article but this did not work because on CentOS 7 OS there is no iptables save command.

Someone told me that the above URL is not valid for CentOS 7. and I should follow this. But this article is not clear to me on exactly what command I need to execute.

I also found

firewall-cmd --zone=public --add-port=2888/tcp  

but this does not survive reboots.

So how can I open the ports and make it survive reboots?

Answer 1

Use this command to find your active zone(s):

firewall-cmd --get-active-zones 

It will say either public, dmz, or something else. You should only apply to the zones required.

In the case of public try:

firewall-cmd --zone=public --add-port=2888/tcp --permanent 

Then remember to reload the firewall for changes to take effect.

firewall-cmd --reload 

Otherwise, substitute public for your zone, for example, if your zone is dmz:

firewall-cmd --zone=dmz --add-port=2888/tcp --permanent 

Answer 2

The answer by ganeshragav is correct, but it is also useful to know that you can use:

firewall-cmd --permanent --zone=public --add-port=2888/tcp  

but if is a known service, you can use:

firewall-cmd --permanent --zone=public --add-service=http  

and then reload the firewall

firewall-cmd --reload 

[ Answer modified to reflect Martin Peter's comment, original answer had --permanent at end of command line ]