Block an outbound port using firewall-cmd
I had a test machine I was setting up and I did not want it to be able to send out emails (tcp 25).
Edit the file /etc/firewalld/firewalld.conf. Find the line
FirewallBackend=nftables
change it to read
FirewallBackend=iptables
then restart firewalld so the backend change takes effect:
systemctl restart firewalld
Now, to block outbound SMTP (the priority-0 rules keep delivery to the local host on 127.0.0.1 and ::1 working, the priority-1 rules reject everything else), execute:
firewall-cmd --permanent --direct --add-rule ipv4 filter OUTPUT 0 -p tcp -m tcp -d 127.0.0.1 --dport=25 -j ACCEPT
firewall-cmd --permanent --direct --add-rule ipv4 filter OUTPUT 1 -p tcp -m tcp --dport=25 -j REJECT
firewall-cmd --permanent --direct --add-rule ipv6 filter OUTPUT 0 -p tcp -m tcp -d ::1 --dport=25 -j ACCEPT
firewall-cmd --permanent --direct --add-rule ipv6 filter OUTPUT 1 -p tcp -m tcp --dport=25 -j REJECT
firewall-cmd --reload
To remove the block:
firewall-cmd --permanent --direct --remove-rule ipv4 filter OUTPUT 0 -p tcp -m tcp -d 127.0.0.1 --dport=25 -j ACCEPT
firewall-cmd --permanent --direct --remove-rule ipv4 filter OUTPUT 1 -p tcp -m tcp --dport=25 -j REJECT
firewall-cmd --permanent --direct --remove-rule ipv6 filter OUTPUT 0 -p tcp -m tcp -d ::1 --dport=25 -j ACCEPT
firewall-cmd --permanent --direct --remove-rule ipv6 filter OUTPUT 1 -p tcp -m tcp --dport=25 -j REJECT
firewall-cmd --reload
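The add and remove command lists above differ only in the verb and the port, so here is an added example (my own script, not part of the original post) that generalises them: a POSIX sh function that generates the same four direct rules plus the reload for any TCP port, a wrapper that applies them (or just prints them when DRY_RUN=1 or firewall-cmd is absent), and a checker that confirms both REJECT rules are actually present in the output of `firewall-cmd --direct --get-all-rules`. The function names, the DRY_RUN variable and the sample rule listing are my own constructions; the `<family> <table> <chain> <priority> <args>` line format of `--get-all-rules` is assumed from how firewalld prints direct rules.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes FirewallBackend=iptables
# as the post describes; the rule layout mirrors the post's port-25 rules.

# Print one firewall-cmd invocation per line.
#   $1 = add | remove      $2 = TCP destination port to block (e.g. 25)
# Priority 0 rules allow loopback delivery, priority 1 rules reject the rest;
# firewalld orders direct rules by ascending priority, so 0 is matched first.
outbound_block_cmds() {
    action="$1"
    port="$2"
    for fam in ipv4 ipv6; do
        if [ "$fam" = ipv4 ]; then lo=127.0.0.1; else lo=::1; fi
        echo "firewall-cmd --permanent --direct --${action}-rule $fam filter OUTPUT 0 -p tcp -m tcp -d $lo --dport=$port -j ACCEPT"
        echo "firewall-cmd --permanent --direct --${action}-rule $fam filter OUTPUT 1 -p tcp -m tcp --dport=$port -j REJECT"
    done
    echo "firewall-cmd --reload"
}

# Run the generated commands. With DRY_RUN=1 (hypothetical variable) or when
# firewall-cmd is not on PATH, only print them so the script is safe to read through.
apply_outbound_block() {
    outbound_block_cmds "$1" "$2" | while IFS= read -r cmd; do
        if [ "${DRY_RUN:-0}" = 1 ] || ! command -v firewall-cmd >/dev/null 2>&1; then
            echo "$cmd"
        else
            $cmd || return 1
        fi
    done
}

# Read `firewall-cmd --direct --get-all-rules` output on stdin and return 0
# only if the ipv4 AND ipv6 REJECT rules for $1 are both present.
# Usage on a live host:  firewall-cmd --direct --get-all-rules | block_active 25
block_active() {
    port="$1"
    input="$(cat)"
    for fam in ipv4 ipv6; do
        echo "$input" | grep -q "^$fam filter OUTPUT 1 .*--dport=$port -j REJECT\$" || return 1
    done
    return 0
}

# Stand-alone run: show what would be applied for port 25 without touching the host.
DRY_RUN=1 apply_outbound_block add 25
```

The checker is the piece worth keeping around: after `firewall-cmd --reload`, piping `--get-all-rules` through `block_active 25` tells you the block is really in the runtime rule set, and running it for both families catches the common slip of only adding the ipv4 rule on a dual-stack host.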
Tested with Rocky Linux 8.4