Nethserver 8 - Open port on host system

yummiweb · February 17, 2025, 1:47pm

Dear community,

I have a question about firewall management for Nethserver 8. In my case on Debian 12.

After the Debian installation, I assigned another port for SSH in /etc/ssh/sshd_config as usual. That worked great. I left the usual 22. That was a good decision.

After the Nethserver 8 installation, SSH access is unfortunately only possible via port 22.

The Nethserver 8 installation must therefore have activated a (own?) firewall and used a set of rules that is not based on the ports actually used by the host.

I cannot see my SSH port in the cluster config “Settings/Firewall” and cannot cannot add my own port there either. That is probably how it is supposed to be.

But how do I change or add my port IN SUCH A WAY that Nethserver 8 doesn’t overwrite this setting itself? That would be bad because otherwise I would lose my SSH access via my special port, for example, and I don’t want to leave port 22.

Regards
Yummiweb

yummiweb · February 17, 2025, 1:57pm

I withdraw my request, I found the required answer in the instructions:
(It was probably a bit late yesterday…)

https://docs.nethserver.org/projects/ns8/en/latest/firewall.html#

Manage ports manually

To allow connections to the listening port of a third-party service, use firewall-cmd. For instance, the following command opens TCP port 9000:

firewall-cmd --add-port=9000/tcp

To close the same port, use:

firewall-cmd --remove-port=9000/tcp

Changes to the firewall configuration are lost after a firewall restart or system reboot unless the same command is invoked a second time with the --permanent flag. Refer to the firewall-cmd manual page for more information.

To see the list of allowed services and ports, run:

firewall-cmd --list-all

Regards
Yummiweb