I hate the default firewall in CentOS. 😀
Its so unneeded complicated that a simple Access-Rule seems to be as hard as climbing up the mount everest.
So, my problem was i wanted to configure a CentOS-Server for our backup system. Backup client was installed but the CentOS-Firwall was blocking the traffic.
Our backup-system needs several ports (in range) and communication comes from multiple servers.
But i didnt wanted to allow a port range because of security. So open up traffic for our backup-subnet was the way to go.
Here is the command:
firewall-cmd --permanent --zone=public --direct --add-rule ipv4 filter IN_public_allow 0 -s xx.x.xx.x/xx -j ACCEPT
Have fun 😀