Commands
In the article, we’ll delve into how to manage network connections using the NMCLI utility, a powerful command-line tool for configuring and controlling NetworkManager, which
Learn how to master firewall management using the firewall-cmd command in Linux. Discover essential techniques for configuring zones, services, ports, and rich rules to enhance your system’s security. Take control of your firewall configurations today!”
Are you looking to fortify your system’s security by effectively managing your firewall settings? Look no further! In this comprehensive guide, we’ll delve into the powerful capabilities of the firewall-cmd command, equipping you with the knowledge to navigate your firewall configurations like a pro.
Firewalls serve as crucial gatekeepers, regulating network traffic to protect your system from unauthorized access and potential threats. The firewall-cmd command, a part of the Firewalld firewall management tool in Linux systems, offers a user-friendly interface to configure and manage firewall rules.
Before diving into the intricacies of firewall-cmd, let’s ensure you have it installed on your system. Most modern Linux distributions come pre-installed with Firewalld. However, if you need to install it, you can do so using your package manager. For example, on CentOS/RHEL, you can install Firewalld with:
sudo yum install firewalld
sudo dnf install firewalld # For RHEL/CentOS version 8+
Once installed, start the Firewalld service and enable it to start on boot:
sudo systemctl enable --now firewalld
The firewall-cmd command follows a straightforward syntax:
firewall-cmd [OPTIONS] [ARGUMENTS]
To view the current firewall configuration, simply execute:
firewall-cmd --list-all
public (active) |
This command provides an overview of your firewall settings, including configured zones, services, ports, and source/destination addresses. In the output above, you can see that the firewall settings are configured to permit TCP traffic on ports 80, 443, and 7000. In addition, the cockpit, dhcp-client, and ssh services are also permitted.
Zones define the level of trust assigned to a particular network interface. The firewall-cmd command allows you to add, remove, or modify zones effortlessly. For instance, to add a new zone named “myzone,” use:
firewall-cmd --permanent --new-zone=myzone
To assign an interface to the newly created zone, execute:
firewall-cmd --permanent --zone=myzone --add-interface=eth0
firewall-cmd simplifies the process of permitting or blocking network services and ports. To allow SSH traffic, for example, use:
firewall-cmd --permanent --zone=public --add-service=ssh
Likewise, to open port 80 for HTTP traffic, execute:
firewall-cmd --permanent --zone=public --add-port=80/tcp
Rich rules offer fine-grained control over firewall settings, allowing you to define complex filtering criteria. Let’s say you want to allow incoming traffic from a specific IP address range (192.168.1.0/24) to access your web server on port 443. You can achieve this with a rich rule:
firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="192.168.1.0/24" port port="443" protocol="tcp" accept'
Related Posts
In the article, we’ll delve into how to manage network connections using the NMCLI utility, a powerful command-line tool for configuring and controlling NetworkManager, which
Discover actionable insights into security vulnerabilities in containerized environments, from container breakouts to image vulnerabilities. Learn from real-world incidents like the Docker Hub breach and
Are you concerned about the security of your network? Learn about for network vulnerabilities scanning using NMAP, a powerful tool that can help you identify