Skip to main content

Firewall in Linux

 


Firewall:


>A wall that prevents the spread of the fire.


> A data moves in and out of the server its packet information is tested against the firewall rules to see if it should be allowed or not.


> In simple words, a firewall is like a watchman, a bouncer, or a shield that has a set of rules given and based on that rule they decide who can enter and leave.


>There are 2 types of firewall in IT:


1. software: runs on the operating system.


2. hardware: A dedicated appliance with firewall software.


************************************



firewalld: it works the same way as iptables but ofcourse it has its own commands.


#firewall-cmd


• It has a few predefined service rules that are very easy to turn on and off. Services such as NFS,NTP,httpd etc


• Firewalld also has the following:


>tables

>chains

>rules

>targets


@you can run one or the other: iptables or firewalld


**********************************

Make sure iptables is stopped disabled and mask


#systemctl stop iptables

#systemctl disable iptables

# systemctl mask iptables


•how to check if firewalld package is installed or not?


#rpm -qa | grep firewalld

#start firewalld

#systemctl start/enable firewalld



•check the rules of the firewalld

#firewalld-cmd  --list-all


• Get the listing of all services firewalld is aware of:

#firewalld-cmd  --get-services


• To make firewalld re-read the configuration added:

#firewall-cmd  --reload


• firewalld has multiple zone, to get the list of all zones:

#firewall-cmd  --get-zones


•get the list of active zones:

#firewall-cmd --get-active-zones



•get the firewall rules for public zone:

#firewall-cmd  --zone=public-list-all


• All the services are predefined by firewalld .What if you want to add a 3rd party service:


#/usr/lib/firewalld/services/allservices.xml

#simply copy any .xml file and change the services and port number.



•how to add the service to firewall(http service):

#firewall-cmd  --add-service=http



•how to remove the service from firewalld ?

#firewall-cmd   --add-service=http


•to reload the firewalld configuration:

#firewall-cmd  --reload


note: when you reload the firewalld configuration, the services that you have added permaneritly will be flushed. if you dont want firewall to flush the services, you need to add or remove the service permanently.


• To add or remove a service permanently:

#firewall-cmd  --add-service=http  --permanent

#firewall-cmd  --remove-service=http  --permanent


•to add the service which is not predefined by firewalld:

# /usr/lib/firewalld/services/allservices.xml

#simply copy any .xml file and change the service and port number

#firewall-cmd  --get-services

#firewall-cmd  --add-service-sap



•to add the port to firewall:

#firewall-cmd  --add-port=1110/tcp

#firewall-cmd    --list-all



 •to add the port to firewall permanently:

#firewall-cmd --add-port=1110/tcp --permanent



 •to remove the port:

#firewall-cmd --remove-port=1110/tcp



•To reject incoming traffic from an IP address:

#firewall-cmd  --add-rich-rule='rule family="ipv4" source address = "192.168.0.12" reject'



 •to block and unblock ICMP incoming traffic:

#firewall-cmd --add-icmp-block-inversion

#firewall-cmd --remove-icmp-block-inversion



•to block outgoing traffic to specify website/IP address:

#host -t  a  www.facebook.com   :find the ip of facebook

#firewall-cmd  --direct  --add-rule ipv4  filter OUTPUT  0-d  31.13.71.36  -j  DROP



Comments

Post a Comment

Popular posts from this blog

Post build configurations on Redhat VM

  ************************************* Post build configuration on Linux VM: ************************************* Set the hostname. hostnamectl set-hostname <Servername> ***************************************** Network configuration : Make sure VM gets the ipv4 ip address either from DHCP or assign the static ip address to it.   Question : How to assign the static ip address to the linux machine using the nmcli ?  Answer: fire the below commands: nmcli device nmcli connection modify enpos3 ipv4.addresses 10.253.1.34/24 nmcli connection modify enpos3 ipv4.gateway 10.253.1.1 nmcli connection modify enpos3 ipv4.method manual nmcli connection modify enpos3 ipv4.dns 8.8.8.8 nmli connection down enpos3 nmcli connection up enpos3 ip address show enpos3 nmcli connection show ************************†****************** Register to RHΝ. Register to redhat network if the linux vm is redhat vm. subscription-manager register --org <org>  --activationkey <activat...
Post a Comment
Read more

AWS cloud practitioner notes

 AWS Certified cloud practitioner: What is cloud computing? cloud computing is the on demand delivery of the compute power, database storage, applications and other IT resources through a cloud services platform with pay-as-you-go pricing. you can provision exactly the right type and size of the computing resources you need. you can access many resources as you need almost instantly like servers, storage,databases and application services as well. Amazon web services owns and maintains the network connected hardware required for these application services, while you provision and use what you need via a web application. ***************************************** Deployment models of Cloud: Private Cloud: Cloud service used by a single organisation, not exposed to the public. complete control. security of the sensitive applications meeting specific business needs. ********************** Public Cloud: Cloud resources owned and operated by the third party. cloud service provider delive...
Post a Comment
Read more