What is a Firewall
A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on a defined set of rules. It is basically used to identify untrusted networks and block them from accessing our system.
Types of Firewall?
- Software based: runs on the operating system
- Hardware based: a dedicated appliance with firewall software placed between two different networks (mostly used by the network team)
Tools on Linux for Managing Firewall?
- iptables
- firewalld – the default on newer versions of CentOS, Red Hat, Fedora, etc.
- Listing, adding, deleting firewalld rules.
Check if firewalld Service is installed?
rpm -qa | grep firewalld
Stop/Start firewalld service?
- systemctl start/enable firewalld
- systemctl stop/disable firewalld
- systemctl status firewalld
- systemctl restart firewalld
The same commands using the full unit name:
systemctl status firewalld.service
systemctl stop firewalld.service
systemctl start firewalld.service
systemctl status firewalld.service
Check the rules of firewalld
Listing of all the services firewalld is aware of:
- # firewall-cmd --get-services
To reload the config of firewalld
- # firewall-cmd --reload
firewalld has multiple zones; to get the list:
- # firewall-cmd --get-zones
To see the list of active zones
- # firewall-cmd --get-active-zones
To get the firewall rules for a specific zone
- # firewall-cmd --zone=public --list-all
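The --list-all output is what you check during an audit. Below is an added example (not from the original notes) that parses such a listing and reports any services or ports the zone opens beyond an allowlist. The SAMPLE text is a constructed listing standing in for the command's real output; on a live host replace it with SAMPLE="$(firewall-cmd --zone=public --list-all)".

```shell
#!/bin/sh
# Added example, not part of the original notes: audit a firewalld zone listing
# against an allowlist of services and ports. SAMPLE is a constructed listing
# in the format printed by "firewall-cmd --zone=public --list-all".
SAMPLE='public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eth0
  sources: 
  services: cockpit dhcpv6-client ssh http
  ports: 20201/tcp 8080/tcp
  protocols: 
  forward: yes
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: '

# zone_field: print the value of one field (services, ports, target, ...) from a listing.
zone_field() {
    printf '%s\n' "$1" | sed -n "s/^  $2: *//p"
}

# unexpected_entries: print, space-separated, the entries of a field that are
# not in the allowlist given as the third argument.
unexpected_entries() {
    found=""
    for entry in $(zone_field "$1" "$2"); do
        case " $3 " in
            *" $entry "*) ;;
            *) found="$found${found:+ }$entry" ;;
        esac
    done
    printf '%s\n' "$found"
}

# audit_zone: returns 0 when the zone opens nothing beyond the allowlists.
# Usage: audit_zone "$listing" "allowed services" "allowed ports"
audit_zone() {
    bad_services="$(unexpected_entries "$1" services "$2")"
    bad_ports="$(unexpected_entries "$1" ports "$3")"
    rc=0
    if [ -n "$bad_services" ]; then
        printf 'unexpected services: %s\n' "$bad_services"; rc=1
    fi
    if [ -n "$bad_ports" ]; then
        printf 'unexpected ports: %s\n' "$bad_ports"; rc=1
    fi
    return $rc
}

# Demo with the constructed listing: ssh and the DHCPv6 client are expected,
# and only 20201/tcp is an approved port, so cockpit, http and 8080/tcp are flagged.
audit_zone "$SAMPLE" "ssh dhcpv6-client" "20201/tcp" || echo "zone drifts from baseline"
```

The allowlists are plain space-separated strings so the script stays POSIX sh; the exit status of audit_zone makes it usable from cron or a configuration check.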
To add or remove a service (runtime change: takes effect immediately but is lost on reload or restart)
- # firewall-cmd --add-service=<name_of_service>
- # firewall-cmd --remove-service=<name_of_service>
To reload the config (reloads the permanent configuration and discards runtime-only changes)
- # firewall-cmd --reload
To add or remove a service permanently (--permanent only writes the stored config; run firewall-cmd --reload for it to take effect, or repeat the command without --permanent to change the running config as well)
firewall-cmd --add-service=<name_of_service> --permanent
firewall-cmd --remove-service=<name_of_service> --permanent
To add or remove a port
firewall-cmd --add-port=20201/tcp
firewall-cmd --remove-port=20201/tcp
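Applying a change both at runtime and permanently is easy to get half right, and a typo in the port option (a hyphen instead of "=") is only caught when firewall-cmd rejects it. The following added example (not from the original notes) wraps the service and port commands above in a helper that validates the option and then issues the runtime and --permanent form of it. The zone name "public" and the DRY_RUN variable are assumptions; with DRY_RUN=1, the default here, the commands are printed instead of run, so it can be tried without firewalld installed.

```shell
#!/bin/sh
# Added example, not part of the original notes: apply a firewalld change to the
# running configuration AND to the stored (permanent) configuration in one step,
# validating the option first. Assumes firewall-cmd is on PATH when DRY_RUN=0;
# with DRY_RUN=1 (the default here) the commands are only printed.
DRY_RUN="${DRY_RUN:-1}"
ZONE="${ZONE:-public}"   # assumed zone name; adjust for your host

# run_fw: execute firewall-cmd, or print the invocation in dry-run mode.
run_fw() {
    if [ "$DRY_RUN" = "1" ]; then
        printf 'firewall-cmd %s\n' "$*"
    else
        firewall-cmd "$@"
    fi
}

# port_spec_ok: accept only <1-65535>/tcp or <1-65535>/udp.
port_spec_ok() {
    case "$1" in */*) ;; *) return 1 ;; esac
    port="${1%%/*}"
    proto="${1#*/}"
    case "$proto" in tcp|udp) ;; *) return 1 ;; esac
    case "$port" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#port}" -le 5 ] || return 1
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ]
}

# fw_change: apply one add/remove option at runtime, then persist it.
# Usage: fw_change --add-service=http   or   fw_change --add-port=20201/tcp
fw_change() {
    opt="$1"
    case "$opt" in
        --add-service=?*|--remove-service=?*) ;;
        --add-port=?*|--remove-port=?*)
            port_spec_ok "${opt#*=}" || {
                printf 'fw_change: bad port spec in %s (want PORT/tcp or PORT/udp)\n' "$opt" >&2
                return 1
            } ;;
        *)
            # Catches typos such as "--add-port-20201/tcp" (hyphen instead of '=').
            printf 'fw_change: unsupported option: %s\n' "$opt" >&2
            return 1 ;;
    esac
    # Runtime change: takes effect immediately, but is lost on reload or restart ...
    run_fw --zone="$ZONE" "$opt" || return 1
    # ... so repeat it with --permanent, which updates the zone file on disk
    # without touching the running rules.
    run_fw --zone="$ZONE" --permanent "$opt"
}

# Demo (dry run): shows the two commands each change expands to.
if [ "$DRY_RUN" = "1" ]; then
    fw_change --add-service=http
    fw_change --add-port=20201/tcp
fi
```

Run it with DRY_RUN=0 as root to apply the changes for real; because both forms are issued, no --reload is needed afterwards and the change survives a restart.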
To block incoming traffic from an IP
firewall-cmd --add-rich-rule='rule family="ipv4" source address="192.168.0.0" reject'
(a bare address matches that single host only; add a prefix length such as /24 to cover a whole network, and add --permanent plus --reload to keep the rule across restarts)
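The rich rule above is a quoted string, so a malformed source address is only noticed when firewalld rejects it. As an added example (not from the original notes), the script below validates an IPv4 host or network and builds the reject rule from it; the function names and the way the result is applied (firewall-cmd --add-rich-rule="$(build_reject_rule ...)") are assumptions.

```shell
#!/bin/sh
# Added example, not part of the original notes: build the rich rule that rejects
# traffic from an IPv4 host or network, validating the source first so that a
# malformed value never reaches firewall-cmd.

# ipv4_ok: true when $1 is a dotted quad with every octet in 0-255.
ipv4_ok() {
    case "$1" in ''|*[!0-9.]*) return 1 ;; esac
    old_ifs="$IFS"; IFS=.
    set -- $1
    IFS="$old_ifs"
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in ''|????*) return 1 ;; esac   # empty or more than 3 digits
        [ "$octet" -le 255 ] || return 1
    done
}

# source_ok: accept ADDRESS or ADDRESS/PREFIX with a prefix length of 0-32.
source_ok() {
    case "$1" in
        */*)
            prefix="${1#*/}"
            case "$prefix" in ''|*[!0-9]*|???*) return 1 ;; esac
            [ "$prefix" -le 32 ] || return 1
            ipv4_ok "${1%%/*}" ;;
        *)  ipv4_ok "$1" ;;
    esac
}

# build_reject_rule: print the rich rule string for --add-rich-rule.
# A bare address matches that one host only; give a prefix (e.g. /24) for a network.
build_reject_rule() {
    source_ok "$1" || { printf 'build_reject_rule: invalid IPv4 source: %s\n' "$1" >&2; return 1; }
    printf 'rule family="ipv4" source address="%s" reject\n' "$1"
}

# reject_source_cmd: print the full runtime firewall-cmd invocation
# (append --permanent and run --reload to persist it).
reject_source_cmd() {
    rule="$(build_reject_rule "$1")" || return 1
    printf "firewall-cmd --add-rich-rule='%s'\n" "$rule"
}

# Demo: the notes' example network, widened to the whole /24.
reject_source_cmd 192.168.0.0/24
```

The validation is deliberately strict (digits and dots only, four octets, prefix 0-32), so anything that is not a plain IPv4 source is refused before it reaches the firewall.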
To block outgoing traffic to an IP or hostname (direct rules bypass the zone model and are passed straight to iptables; newer firewalld versions mark the direct interface as deprecated in favour of policy objects)
firewall-cmd --direct --add-rule ipv4 filter OUTPUT 0 -d <destination> -j DROP
To block incoming ICMP traffic
firewall-cmd --add-icmp-block-inversion
(inverts the zone's ICMP block list: every ICMP type not listed under icmp-blocks is rejected, so with an empty list all incoming ICMP is blocked; to block a single type instead, e.g. ping requests: firewall-cmd --add-icmp-block=echo-request)