Scenario / Questions

I would like to open port 4567 for the IP address 1.2.3.4 with the firewall-cmd command on a CentOS 7.1 server.

How can I achieve this, as the documentation I could find was too specific on this?

Find below all possible solutions or suggestions for the above questions..

Suggestion: 1

Try this command

firewall-cmd --permanent --zone=public --add-rich-rule='
  rule family="ipv4"
  source address="1.2.3.4/32"
  port protocol="tcp" port="4567" accept'

Check the zone file later to inspect the XML configuration

cat /etc/firewalld/zones/public.xml

Reload the firewall

firewall-cmd --reload

Suggestion: 2

Create a new zone to accommodate this configuration. FirewallD zones are defined by source addresses and by interfaces.

firewall-cmd --new-zone=special --permanent
firewall-cmd --reload
firewall-cmd --zone=special --add-source=192.0.2.4/32
firewall-cmd --zone=special --add-port=4567/tcp

Add --permanent of course to the latter two commands to make them permanent.