Beginners Guide to Firewalld
Hey everyone, this post will hopefully give you a pretty decent understanding of firewalld, if you still can't get the hang of it, feel free to get in touch.
FIREWALL TUTORIAL
admin
1/3/2024, 3 min read
Why are you writing this article on a Windows Server-based Website?
Essentially, I had been working with this tool at work and hadn't written a blog post in a while, so I thought I'd quickly spin one up while the idea was still fresh in my head, completely forgetting that my website is called WinServerPro. So here is the first Linux tutorial on this website; enjoy.
What is firewalld?
Firewalls play a crucial role in securing computer systems and networks by controlling incoming and outgoing traffic. Firewalld is a powerful firewall management tool commonly used on Linux distributions, such as CentOS and Ubuntu. In this tutorial, we will explore the basics of Firewalld and learn how to accept and deny connections based on ports, IP addresses and zones. This tutorial won't be too in depth, but should definitely give you a decent understanding of the capabilities and user experience of this tool.
Understanding Firewalld:
Firewalld replaces the traditional iptables service and offers a simpler approach to firewall configuration (in practice it's just a bit easier to use than iptables). Firewalld uses zones to define network trust levels and assigns different rules to each zone; every interface or source address is bound to exactly one zone, and that zone's rules decide which traffic is accepted.
Getting Started with Firewalld:
To begin, ensure that Firewalld is installed on your Linux distribution. You can check whether it is installed and running with the following command in the terminal:
`sudo systemctl status firewalld`
If Firewalld is not installed, you can install it using the package manager specific to your distribution, such as `apt` for Ubuntu or `yum` for CentOS (the package manager differs between distros; if you need help with firewalld on a different distro, feel free to drop an email at admin@winserverpro.com).
Managing Zones:
Firewalld uses zones to define different levels of trust for network connections. By default, three zones are available: public, internal, and trusted. You can list the available zones using the following command:
`sudo firewall-cmd --get-zones`
To assign a zone to a network interface, use the following command:
`sudo firewall-cmd --zone=<zone-name> --change-interface=<interface>`
Replace <zone-name> with one of the zones listed above (e.g. public) and <interface> with the NIC name shown by `ip link` (e.g. eth0). The same <zone-name> placeholder is used in every command below.
Allowing Connections based on Ports:
To allow incoming connections on specific ports, you can use the `--add-port` flag followed by the port number and protocol. For example, to allow incoming SSH connections (Although I wouldn't recommend this unless you have other rules in place) on port 22, run the following command:
`sudo firewall-cmd --zone=<zone-name> --add-port=22/tcp --permanent`
To remove a port from the allowed list, use the `--remove-port` flag:
`sudo firewall-cmd --zone=<zone-name> --remove-port=22/tcp --permanent`
Denying Connections based on Ports:
To deny incoming connections on specific ports (in my opinion, all connections to ports that aren't in use should be explicitly denied), you can use the `--add-rich-rule` flag followed by the rule definition. For example, to reject incoming HTTP connections on port 80, run the following command:
`sudo firewall-cmd --zone=<zone-name> --add-rich-rule='rule family="ipv4" port port=80 protocol=tcp reject' --permanent`
To remove a rule, use the `--remove-rich-rule` flag with exactly the same rule text:
`sudo firewall-cmd --zone=<zone-name> --remove-rich-rule='rule family="ipv4" port port=80 protocol=tcp reject' --permanent`
Allowing or Denying Connections based on IP Addresses:
To allow or deny connections based on IP addresses, bind the address (or a network in CIDR notation) to a zone with the `--add-source` flag. Traffic from that source is then evaluated in that zone instead of the zone of the interface it arrived on, so the zone you choose decides the outcome: the trusted zone accepts everything, the drop zone silently discards everything, and the other zones apply their own port and service rules. For example, to allow incoming connections from the IP address 192.168.1.10, bind it to a zone that permits the traffic you want:
`sudo firewall-cmd --zone=<zone-name> --add-source=192.168.1.10 --permanent`
To remove an IP address from a zone again, use the `--remove-source` flag:
`sudo firewall-cmd --zone=<zone-name> --remove-source=192.168.1.10 --permanent`
Applying Changes:
After making any changes with `--permanent`, reload the configuration for the changes to take effect (a `--permanent` rule is only written to the saved configuration; a rule added without the flag becomes active immediately but is discarded at the next reload or restart):
`sudo firewall-cmd --reload`
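As an added example (my own script, not code from the post), here are the zone, port, rich-rule, source and reload steps above collected into one POSIX shell script. It assumes the interface eth0 in the public zone, a management host 192.168.1.10 (a constructed address) bound to the internal zone, and the file name firewalld-setup.sh. It also goes one step beyond the post by removing the default ssh service from the public zone, so port 22 is reachable only from the management host. FIREWALL_CMD can be pointed at something harmless to dry-run the whole sequence before touching a real host.

```shell
#!/bin/sh
# Added example, not from the original post: the tutorial's steps collected
# into one script. Assumed values: zone "public" on interface "eth0", a
# management zone "internal", a constructed management host 192.168.1.10,
# and ports 22/tcp and 80/tcp. Every step is written with --permanent and a
# single --reload at the end activates them all at once.
#
# Dry run without touching the host:
#   FIREWALL_CMD="echo firewall-cmd" sh firewalld-setup.sh apply

# Expanded unquoted on purpose: it may hold several words ("sudo firewall-cmd").
FIREWALL_CMD="${FIREWALL_CMD:-sudo firewall-cmd}"
ZONE="${ZONE:-public}"
IFACE="${IFACE:-eth0}"
MGMT_ZONE="${MGMT_ZONE:-internal}"
MGMT_IP="${MGMT_IP:-192.168.1.10}"

# Wrapper so every rule change goes to the permanent configuration.
fw() {
    $FIREWALL_CMD --permanent "$@"
}

apply_zone_policy() {
    # 1. Bind the interface to its zone.
    fw --zone="$ZONE" --change-interface="$IFACE"
    # 2. The predefined public zone allows the ssh service by default; drop
    #    that so port 22 is not open to everyone on the interface.
    fw --zone="$ZONE" --remove-service=ssh
    # 3. Explicitly reject 80/tcp in that zone (the rich rule from the post).
    fw --zone="$ZONE" --add-rich-rule='rule family="ipv4" port port=80 protocol=tcp reject'
    # 4. Open 22/tcp in the management zone and bind the management host to
    #    it. firewalld matches sources before interfaces, so packets from
    #    $MGMT_IP are evaluated in $MGMT_ZONE while everything else arriving
    #    on $IFACE stays in $ZONE, where ssh was just removed.
    fw --zone="$MGMT_ZONE" --add-port=22/tcp
    fw --zone="$MGMT_ZONE" --add-source="$MGMT_IP"
    # 5. Activate the permanent configuration.
    $FIREWALL_CMD --reload
}

# Show what is actually active after the reload, for both zones.
verify_zones() {
    $FIREWALL_CMD --get-active-zones
    $FIREWALL_CMD --zone="$ZONE" --list-all
    $FIREWALL_CMD --zone="$MGMT_ZONE" --list-all
}

case "${1:-}" in
    apply)  apply_zone_policy && verify_zones ;;
    verify) verify_zones ;;
    *)      echo "usage: $0 apply|verify" ;;
esac
```

Run it as `sh firewalld-setup.sh apply` from a console session rather than over SSH the first time, and compare the `--list-all` output of both zones with what you expected: the public zone should show the rich rule and no ssh service, and the internal zone should show the management source and port 22/tcp.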
These are the basics of firewalld. If you need any help, feel free to send an email below and I will respond to you swiftly.
©2023