Firewalld on AlmaLinux and Rocky Linux


Firewalld is a powerful tool for firewall management on Linux systems, especially on AlmaLinux and Rocky Linux, two distributions widely adopted as alternatives to CentOS. In this article, we’ll explain how to install, configure and manage Firewalld on AlmaLinux and Rocky Linux, ensuring security and traffic control for your server.

Definition

Firewalld is a dynamic firewall service designed to simplify the administration of firewall rules. It uses a user-friendly, zone-based interface, allowing the administrator to configure different levels of protection for different networks and interfaces. In addition, Firewalld is compatible with iptables, making it easy to integrate and use in modern Linux distributions.

Advantages

  • Zone-based configuration: Allows you to define different security policies for different networks.
  • Dynamic management: Allows you to add and remove firewall rules without having to restart the service.
  • Intuitive interface: Simple commands for management and a graphical interface available for those who prefer not to use the terminal.

Installation on AlmaLinux and Rocky Linux

In many cases, Firewalld is already pre-installed on these distributions. To check if it’s already on your system, just use the command:

firewalld --version

If Firewalld is not installed, you can install it with the following commands:

sudo dnf install firewalld -y

After installation, the service must be enabled and started:

sudo systemctl enable firewalld
sudo systemctl start firewalld

To check that Firewalld is running correctly, use:

sudo systemctl status firewalld

Concept of Zones

Firewalld organizes its security rules based on zones, which represent different levels of trust for network connections. Some of the most common zones include:

  • Public: Zone used for public and less trusted networks. Only essential services are allowed.
  • Home: Used for home networks, where security is less strict.
  • Work: For work networks, allowing a little more freedom while maintaining security.
  • Internal: Internal zone for trusted networks.

To list all available zones, run:

sudo firewall-cmd --get-zones

Configuring Rules

Listing Active Rules

To see the active rules and settings in a specific zone, run:

sudo firewall-cmd --list-all --zone=public

Adding and Removing Services

In Firewalld, you can allow or block services in specific zones. For example, to allow the SSH service in the “public” zone, run:

sudo firewall-cmd --zone=public --add-service=ssh --permanent

The --permanent option writes the rule to the saved configuration so that it survives a restart, but it is not applied to the running firewall until you reload. Running the same command without --permanent applies the rule immediately, but only to the runtime configuration, which is lost on reload or restart. To apply permanent rules to the running firewall, reload Firewalld:

sudo firewall-cmd --reload

To remove the SSH service, use:

sudo firewall-cmd --zone=public --remove-service=ssh --permanent

Releasing Specific Ports

To open a specific port, such as port 8080 for a web application, run:

sudo firewall-cmd --zone=public --add-port=8080/tcp --permanent

And again, reload the settings to apply them:

sudo firewall-cmd --reload

Blocking Traffic from Specific IPs

To block traffic from a specific IP, use the following command:

sudo firewall-cmd --add-rich-rule="rule family='ipv4' source address='192.168.1.100' reject" --permanent

This command blocks the IP address 192.168.1.100 (reload afterwards so that the permanent rule takes effect). To unblock it, remove the same rule with --remove-rich-rule; adding a second rule that says accept does not cancel the existing reject rule.
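As an added example that is not part of the original article, the following POSIX shell audit parses the output of the --list-all command shown above and reports anything the public zone allows beyond an expected allow-list of services and ports, which is a quick way to catch a forgotten --add-port or an accept rule. The listing is a constructed sample of what the zone looks like after the steps above, and the function names are assumptions of this example.

```sh
# Constructed sample of `sudo firewall-cmd --list-all --zone=public` output, as the
# public zone would look after the steps above (eth0 is a placeholder interface name).
SAMPLE_LIST_ALL='public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eth0
  sources:
  services: cockpit dhcpv6-client ssh
  ports: 8080/tcp
  protocols:
  forward: yes
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
        rule family="ipv4" source address="192.168.1.100" reject'
# zone_field FIELD: print the value of one "  field: value" line read from stdin.
zone_field() {
    sed -n "s/^  $1: *//p"
}
# audit_public_zone EXPECTED_SERVICES EXPECTED_PORTS: compare the listing on stdin with
# space-separated allow-lists, print each finding, return 0 if clean and 1 if drifted.
audit_public_zone() {
    expected_services=$1
    expected_ports=$2
    listing=$(cat)
    rc=0
    for svc in $(printf '%s\n' "$listing" | zone_field services); do
        case " $expected_services " in
            *" $svc "*) ;;
            *) echo "UNEXPECTED service: $svc"; rc=1 ;;
        esac
    done
    for port in $(printf '%s\n' "$listing" | zone_field ports); do
        case " $expected_ports " in
            *" $port "*) ;;
            *) echo "UNEXPECTED port: $port"; rc=1 ;;
        esac
    done
    # reject/drop rich rules narrow the zone; an accept rule widens it past the allow-list
    if printf '%s\n' "$listing" | grep -q '^[[:space:]]*rule .* accept$'; then
        echo "UNEXPECTED accept rich rule present"; rc=1
    fi
    return $rc
}
# On a real host, replace the printf with: sudo firewall-cmd --list-all --zone=public
printf '%s\n' "$SAMPLE_LIST_ALL" | audit_public_zone "ssh dhcpv6-client" "8080/tcp" \
    || echo "public zone has drifted from the expected policy"
```

With the sample listing, the run above reports cockpit as an unexpected service, since the default public zone on these distributions allows it even though the steps in this article never asked for it.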

Useful Management Commands

  • Check Active Zone:
  sudo firewall-cmd --get-active-zones
  • Change Default Zone:
  sudo firewall-cmd --set-default-zone=home
  • Temporarily disable Firewalld:
  sudo systemctl stop firewalld
  • Reactivate Firewalld:
  sudo systemctl start firewalld

Graphical Firewall (Optional)

For those who prefer a graphical interface, you can install firewall-config, which offers a user-friendly interface for managing Firewalld. To install it, use:

sudo dnf install firewall-config -y

After installation, run the command firewall-config to open the graphical interface and configure your rules.

Conclusion

Firewalld is an indispensable security tool for AlmaLinux and Rocky Linux, allowing dynamic and intuitive control over firewall rules. With simple commands and a zone-based organization, it makes firewall configuration much easier, helping administrators to protect their servers in an effective and practical way.

Take the opportunity to explore Firewalld and create customized security policies for each environment, ensuring optimal security for your infrastructure.
