Linux FIREWALL Management

  1. What is Firewall
  2. Firewall Service in Linux
  3. Enable/disable firewall
  4. How to see the existing Firewall rule?
  5. Adding/removing ports
  6. Block incoming/outgoing Traffic
  7. Block ICMP

What is a Firewall?

A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on the rules defined.

A firewall can be security software or a network security device; it protects our network and computers from hackers, viruses and malware.

A firewall is installed between a private network and the internet, and all data exchanged between the two passes through the firewall.

The firewall protects the network from harmful data.

Types of Firewall

  1. Software Based
    Runs on the operating system
  2. Hardware Based
    A dedicated appliance with firewall software, placed between two different networks (mostly used by the network team)

Tools on Linux for managing firewall?

  1. iptables: older distributions/versions
  2. firewalld: newer versions of CentOS, Red Hat, Fedora

Listing, adding, deleting firewall rules

Check if firewalld service is installed?

# rpm -qa | grep firewalld

Stop/start firewalld service?

# systemctl start firewalld
# systemctl enable firewalld
# systemctl stop firewalld
# systemctl disable firewalld
# systemctl status firewalld
# systemctl restart firewalld

Check the rules of firewalld

# firewall-cmd --list-all 

List all the services firewalld is aware of

# firewall-cmd --get-services

To reload the config of firewalld

# firewall-cmd --reload 

firewalld has multiple zones; to list them

# firewall-cmd --get-zones

 

To see the list of active zones

# firewall-cmd --get-active-zones

 

To get firewall rules for a specific zone

# firewall-cmd --zone=public --list-all

To add or remove a service

# firewall-cmd --add-service=<name_of_service>
# firewall-cmd --remove-service=<name_of_service>

To reload the config

# firewall-cmd --reload

To add or remove a service permanently

# firewall-cmd --add-service=<name_of_service> --permanent
# firewall-cmd --remove-service=<name_of_service> --permanent

To add or remove a port

# firewall-cmd --add-port=80/tcp
# firewall-cmd --remove-port=80/tcp
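
Commands run without --permanent change only the running configuration, and --permanent changes stay inactive until --reload. The shell functions below are an added example, not part of the original page: they compare `firewall-cmd --list-all` output with `firewall-cmd --permanent --list-all` output and report services and ports present in only one of the two. The function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): find firewalld runtime/permanent drift.

# Print the values of one field ("services" or "ports") from
# `firewall-cmd --list-all` output read on stdin, one value per line.
fw_field() {
    awk -v f="$1:" '$1 == f { for (i = 2; i <= NF; i++) print $i }'
}

# Print the items of newline-separated list $1 that are missing from list $2.
only_in() {
    printf '%s\n' "$1" | while IFS= read -r item; do
        [ -n "$item" ] || continue
        printf '%s\n' "$2" | grep -qxF -- "$item" || printf '%s\n' "$item"
    done
}

# Compare runtime output ($1) with permanent output ($2).
#   runtime-only   = added without --permanent, disappears on --reload or restart
#   permanent-only = added with --permanent only, inactive until --reload
fw_drift() {
    for field in services ports; do
        rt=$(printf '%s\n' "$1" | fw_field "$field")
        pm=$(printf '%s\n' "$2" | fw_field "$field")
        only_in "$rt" "$pm" | sed "s|^|runtime-only $field: |"
        only_in "$pm" "$rt" | sed "s|^|permanent-only $field: |"
    done
}

# Constructed sample output (not captured from a real host).
SAMPLE_RUNTIME='public (active)
  target: default
  interfaces: eth0
  services: dhcpv6-client http ssh
  ports: 80/tcp
  rich rules:'
SAMPLE_PERMANENT='public
  target: default
  interfaces: eth0
  services: dhcpv6-client ssh
  ports: 80/tcp 8443/tcp
  rich rules:'

fw_drift "$SAMPLE_RUNTIME" "$SAMPLE_PERMANENT"
# On a live host:
#   fw_drift "$(firewall-cmd --list-all)" "$(firewall-cmd --permanent --list-all)"
```

An empty result means the running and saved rule sets agree for the default zone; any line printed is a rule that will either vanish or appear at the next reload.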

To block incoming traffic from an IP

# firewall-cmd --add-rich-rule='rule family="ipv4" source address="192.168.1.5" reject'

To block outgoing traffic to an IP or URL

# firewall-cmd --direct --add-rule ipv4 filter OUTPUT 0 -d <IP> -j DROP

To block ICMP incoming traffic

# firewall-cmd --add-icmp-block-inversion
