Creating a firewalld service for Plex Media Server – the foremind

plex_firewalld-6918354I recently rebuilt my Plex Media Server box as a CentOS 7 VM running on Hyper-V on a Windows Server 2012 setup.

When I installed the rpm and started the service I found that I was unable to load the interface on my desktop. I knew that it was running because I installed netstat and I was able to see the port was open for traffic and I was also able to load the interface locally in lynx on the server.

UPDATE: At some point I rebuilt my server and I came back to this post to grab my config.  It turns out that I had a typo in one place and a missing command in another.  I have edited this post to correct the issues.  I have followed the new steps on several machines and this process does work without adding additional files in: [code]/usr/lib/firewalld/services/[/code]

It turns out that there were two issues:

Disabling SELinux was as simple as editing the configuration file (/etc/selinux/config) and setting the value of selinux to disabled.

Dealing with firewalld was also initially simple as well:

[code language=”bash”]# systemctl stop firewalld[/code]

The problem with this approach is that I was completely disabling my server’s software firewall. The proper approach would be to create a ruleset that allows for the various ports of Plex Media Server to be open in my server’s active firewalld zone.

Fortunately this is relatively easy to accomplish:

  1. Create the new service configuration file in the services directory
    [code language=”bash”]# vi /etc/firewalld/services/plexmediaserver.xml[/code]
  2. Next add the ruleset using the XML format established for firewalld rules[code language=”xml”] plexmediaserver Plex TV Media Server


  3. Save the service file
  4. Reload the firewalld configs [code language=”bash”]# firewall-cmd –reload


  5. Add the service to your active zone (by default it is the public zone, but I have changed my default zone to be the home zone)
  6. [code language=”bash”]# firewall-cmd –permanent –zone=public –add-service=plexmediaserver
  7. Restart the firewalld service[code language=”bash”]# systemctl restart firewalld.service[/code]
  8. You can get the defined service list from firewalld as follows: [code language=”bash”]# firewall-cmd –get-services

    RH-Satellite-6 amanda-client bacula bacula-client dhcp dhcpv6 dhcpv6-client dns freeipa-ldap freeipa-ldaps freeipa-replication ftp high-availability http https imaps ipp ipp-client ipsec iscsi-target kerberos kpasswd ldap ldaps libvirt libvirt-tls mdns mountd ms-wbt mysql nfs ntp openvpn plexmediaserver pmcd pmproxy pmwebapi pmwebapis pop3s postgresql proxy-dhcp radius rpc-bind rsyncd samba samba-client smtp ssh telnet tftp tftp-client transmission-client vdsm vnc-server wbem-https[/code]

Now that this is done you should be able to hit the Plex Media Server web interface from a web browser on any other machine in your network.

%d bloggers like this: