
    Securing Your Linux Server with FirewallD: A Step-by-Step Guide

    By Rahul | March 6, 2023 | 3 Mins Read

    Securing your Linux server is a critical step in ensuring the safety of your data and applications. One of the most important tools for achieving this is FirewallD, a dynamic firewall management tool that comes pre-installed on many Linux distributions. In this step-by-step guide, we’ll walk you through how to use FirewallD to secure your Linux server.


    Step 1: Check if FirewallD is installed and running

    The first step is to check if FirewallD is already installed and running on your system. You can do this by running the following command in the terminal:

    sudo systemctl status firewalld 
    

    If FirewallD is not installed, you can install it using your distribution’s package manager. For example, on Ubuntu, you can run:

    sudo apt-get install firewalld 
    

    Step 2: Configure FirewallD zones

    The next step is to configure FirewallD zones. Zones are predefined sets of rules that specify what traffic is allowed or denied. For example, the public zone may allow incoming HTTP and HTTPS traffic, while the internal zone may allow all traffic from the local network. To view the available zones, run the following command:

    sudo firewall-cmd --get-zones 
    

    To add a new zone, run the following command:

    sudo firewall-cmd --permanent --new-zone=zone_name 
    

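    Replace “zone_name” with the name of the new zone. You can then configure the rules for the zone using the --add-* and --remove-* options. Because these commands use --permanent, the changes are written to the saved configuration and take effect after the reload in Step 4. For example, to allow incoming SSH traffic on the public zone, run: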

    sudo firewall-cmd --permanent --zone=public --add-service=ssh 
    

    Step 3: Configure FirewallD services

    In addition to zones, FirewallD also uses services to define the type of traffic that is allowed or denied. Services are predefined sets of rules that specify the ports and protocols that are allowed or denied. To view the available services, run the following command:

    sudo firewall-cmd --get-services 
    

    To add a new service, create a new XML file in the “/etc/firewalld/services/” directory. The file should contain the rules for the service, including the ports and protocols that are allowed or denied.
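
    A minimal custom service definition, as an added example rather than code from the original article: the function below validates its inputs and writes a service file in the firewalld XML format. The service name myapp, port 8443/tcp and the scratch output directory are assumptions.

```shell
#!/usr/bin/env bash
# Added example (not from the article): write a custom firewalld service file.
# Assumptions: service name "myapp", port 8443/tcp, scratch output directory.

# write_service DIR NAME PORT PROTO -> creates DIR/NAME.xml, returns 1 on bad input
write_service() {
    local dir="$1" name="$2" port="$3" proto="$4"

    # The name becomes a file name: allow letters, digits, '-' and '_' only,
    # which also blocks path traversal such as "../evil".
    case "$name" in
        ''|*[!A-Za-z0-9_-]*) echo "invalid service name: $name" >&2; return 1 ;;
    esac
    # The port must be a whole number between 1 and 65535.
    case "$port" in
        ''|*[!0-9]*|??????*) echo "invalid port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2; return 1
    fi
    # This example accepts only tcp and udp.
    case "$proto" in
        tcp|udp) ;;
        *) echo "unsupported protocol: $proto" >&2; return 1 ;;
    esac

    cat > "$dir/$name.xml" <<EOF
<?xml version="1.0" encoding="utf-8"?>
<service>
  <short>$name</short>
  <description>Custom service $name on $port/$proto</description>
  <port protocol="$proto" port="$port"/>
</service>
EOF
}

# Demo: write into a scratch directory and print the result.
demo_dir=$(mktemp -d)
write_service "$demo_dir" myapp 8443 tcp && cat "$demo_dir/myapp.xml"

# On a real host (as root), write to /etc/firewalld/services instead, then:
#   firewall-cmd --reload
#   firewall-cmd --permanent --zone=public --add-service=myapp
#   firewall-cmd --reload
```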

    Step 4: Enable FirewallD and reload the configuration

    Once you have configured the zones and services, you can enable FirewallD and reload the configuration. To do this, run the following commands:

    sudo systemctl enable firewalld 
    sudo systemctl start firewalld 
    sudo firewall-cmd --reload 
    

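    This will enable FirewallD on your system and reload the configuration. On a remote server, confirm that SSH is allowed in the zone you are using (Step 2) before starting the firewall, so that you do not lock yourself out.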

    Step 5: Test the firewall configuration

    The final step is to test the firewall configuration to ensure that it is working as expected. You can do this by running the following command:

    sudo firewall-cmd --get-active-zones 
    

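    This command will display the active zones and the interfaces or sources assigned to each zone. To see the services and ports that a zone allows, use the --list-all option together with --zone. You can also use tools like nmap to test the firewall configuration by scanning your system for open ports.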

    Conclusion

    In this guide, we’ve shown you how to use FirewallD to secure your Linux server. By configuring zones and services, enabling FirewallD, and testing the configuration, you can ensure that your system is protected from unauthorized access and potential security threats.


    1 Comment

    1. Sudheer on August 9, 2020 12:54 am

      Great article, Rahul. I really got a good conceptual explanation of zones/services/ports of firewalld from this.
      Thanks a lot, please keep this up.
