A Linux system administrator needs to modify the firewall settings to allow access to a web server service that has been recently configured to listen on a non-standard port, 8443 for secure traffic. Simultaneously, they must ensure that other services remain unaffected by this firewall change. To apply this change immediately and make it permanent for subsequent system reboots, which of the following commands should the administrator execute?
The correct command is firewall-cmd --permanent --add-port=8443/tcp && firewall-cmd --reload. This command first makes a permanent change to the firewall rules to allow traffic on port 8443, which is where the web server is now listening for secure traffic, and then reloads the firewall to apply the changes immediately without affecting other services or requiring a system reboot. firewall-cmd --permanent --add-service=https is not correct in this context because the web server is using a non-standard port, not the default port for HTTPS (443). Similarly, firewall-cmd --permanent --zone=public --add-port=443/tcp is incorrect as it opens the default HTTPS port, not the non-standard one in use. iptables -I INPUT -p tcp --dport 8443 -j ACCEPT && service iptables save would apply the rule without making it permanent across reboots because the service iptables save command is specific to certain Linux distributions that use the service management utility and not a standard way to persist firewall rules.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is firewall-cmd and how does it work?
Open an interactive chat with Bash
What are the implications of using non-standard ports like 8443?
Open an interactive chat with Bash
What is the difference between permanent and temporary firewall rules?