Linux firewall open port

What is a Firewall

A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on defined rules. It is basically used to identify untrusted networks and block them from accessing our system.

Types of Firewall?

  • Software based: running on the operating system
  • Hardware based: a dedicated appliance with firewall software between two different networks (mostly used by the network team)

Tools on Linux for Managing Firewall?

  • iptables
  • firewalld – on newer versions of CentOS, Red Hat, Fedora, etc.
  • Listing, adding, deleting firewalld rules.
Check if firewalld Service is installed?

rpm -qa | grep firewalld

Stop/Start firewalld service?
  • systemctl start/enable firewalld
  • systemctl stop/disable firewalld
  • systemctl status firewalld
  • systemctl restart firewalld
systemctl status firewalld
systemctl stop firewalld.service
systemctl start firewalld.service
systemctl status firewalld.service
Check the rules of firewalld
Listing of all the services firewalld is aware of:
  • # firewall-cmd --get-services
To reload the config of firewalld
  • # firewall-cmd --reload
The firewall has multiple zones. To get the list
  • # firewall-cmd --get-zones
To see the list of active zones
  • # firewall-cmd --get-active-zones
To get firewall rules for a specific zone
  • # firewall-cmd --zone=public --list-all
To add or remove a service
  • # firewall-cmd --add-service=<name_of_service>
  • # firewall-cmd --remove-service=<name_of_service>
To reload the config
  • # firewall-cmd --reload
To add or remove a service permanently

firewall-cmd --add-service=<name_of_service> --permanent
firewall-cmd --remove-service=<name_of_service> --permanent

To add or remove a port

firewall-cmd --add-port=20201/tcp
firewall-cmd --remove-port=20201/tcp
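
Without --permanent, a port rule lives only in the runtime configuration and is lost on reload or restart; with --permanent alone, it is not active until the next --reload. The script below is an added example, not part of the original page: it compares the two port lists for one zone and reports the difference. The function names and the FWCMD override variable are assumptions made for this example.

```bash
#!/bin/sh
# Added example: detect drift between runtime and permanent port rules.
# FWCMD is an assumed override so the command can be swapped out for testing.
FWCMD=${FWCMD:-firewall-cmd}

# Print the ports of a zone, one "port/proto" per line, sorted.
# $1 = zone name, $2 = "runtime" or "permanent"
list_ports() {
    if [ "$2" = "permanent" ]; then
        $FWCMD --permanent --zone="$1" --list-ports
    else
        $FWCMD --zone="$1" --list-ports
    fi | tr ' ' '\n' | sed '/^$/d' | sort -u
}

# Report ports present in only one of the two configurations.
#   runtime-only   <port>  -> open now, disappears on reload/restart
#   permanent-only <port>  -> saved, but not active until --reload
port_drift() {
    zone=$1
    rt=$(list_ports "$zone" runtime)
    pm=$(list_ports "$zone" permanent)
    for p in $rt; do
        printf '%s\n' "$pm" | grep -qxF -- "$p" || echo "runtime-only $p"
    done
    for p in $pm; do
        printf '%s\n' "$rt" | grep -qxF -- "$p" || echo "permanent-only $p"
    done
}

# Run only when a zone is given on the command line, e.g.: sh drift.sh public
if [ "$#" -gt 0 ]; then
    port_drift "$1"
fi
```

Empty output means both configurations list the same ports for that zone.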

To block incoming traffic from an IP

firewall-cmd --add-rich-rule='rule family="ipv4" source address="192.168.0.0" reject'

To block outgoing traffic to an IP or URL

firewall-cmd --direct --add-rule ipv4 filter OUTPUT 0 -d <ip_or_url> -j DROP

To block ICMP incoming traffic

firewall-cmd --add-icmp-block-inversion
