CentOS 7: redirect port 80 to port 8080

CentOS 7 uses firewalld to manage ports, firewall rules and more. To quickly get up and running, firstly list all currently existing rules:

firewall-cmd --list-all

The output will be something similar to this, depending on what services you have running.

public (active)
  target: default
  icmp-block-inversion: no
  interfaces: ens160
  sources:
  services: ssh dhcpv6-client
  ports:
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:

If you simply want to open a port, use --add-port (and later --remove-port to revert the change if need be).

firewall-cmd --add-port=8080/tcp

To instead forward port 80 to port 8080:

firewall-cmd --add-forward-port=port=80:proto=tcp:toport=8080

After you’ve made your changes, be sure to check the state is as expected. The output for a correctly forwarded port looks like this:

public (active)
  forward-ports: port=80:proto=tcp:toport=8080:toaddr=
  ...

Once you’re happy with your changes, save them permanently.

firewall-cmd --runtime-to-permanent

You can then reload the rules and check that everything is as you’d expect it to be.

firewall-cmd --reload
firewall-cmd --list-all