Firewalld is a firewall system that uses zones and services to manage
Install firewalld
Step 1: To install the firewalld package, use the command
yum install firewalld
Step 2: Then answer yes to agree to the download and installation
Step 3: After the installation is complete, start the firewalld service with the command
systemctl start firewalld
Step 4: To check that the service is running, use the command
systemctl status firewalld
Step 5: If you want firewalld to start every time the computer boots, use the command
systemctl enable firewalld
Step 6: Check again using the command
systemctl is-enabled firewalld
Step 7: Stop the firewalld service using the command
systemctl stop firewalld
or, to keep it from starting at boot, use
systemctl disable firewalld
Step 8: List the zones using the command
firewall-cmd --get-zones
Step 9: See which zone is the default using the command
firewall-cmd --get-default-zone
Step 10: Change the default zone, for example from public to work, using the command
firewall-cmd --set-default-zone=work
Step 11: Then check again with the command
firewall-cmd --get-default-zone
Step 12: List the rules in all zones using the command
firewall-cmd --list-all-zones
Step 13: The public zone is shown as active and in use by default, on the ens192 network card, with the dhcpv6 and ssh services allowed
Step 14: Or you can use the following command to see the services enabled in the zone
firewall-cmd --zone=public --list-services
Step 15: See the ports that are allowed using the command
firewall-cmd --zone=public --list-ports
Step 16: View the system’s services using the command
firewall-cmd --get-services
Step 17: Allow the dhcp service to run in the public zone using the command
firewall-cmd --zone=public --add-service=dhcp
Step 18: Check that the service is now allowed using the command
firewall-cmd --zone=public --list-services
Step 19: To remove a service such as dhcp, use the command
firewall-cmd --zone=public --remove-service=dhcp
(or add --permanent if the service cannot be removed, for example because it was added with --permanent and returns after a reload)
Step 20: Add port 300 to the firewall’s public zone with the command
firewall-cmd --zone=public --add-port=300/tcp
Step 21: Add the port range 301 to 400 to the public zone using the command
firewall-cmd --zone=public --add-port=301-400/tcp
Step 22: Check the ports added to the public zone using the command
firewall-cmd --zone=public --list-ports
Step 23: Remove the added port with the command
firewall-cmd --zone=public --remove-port=300/tcp
Step 24: Add your own zone, here named hung, using the command
firewall-cmd --permanent --new-zone=hung
Step 25: After adding the hung zone, reload the service with the command
firewall-cmd --reload
Step 26: Check again with the command
firewall-cmd --get-zones
Step 27: After creating the zone, you can make it the default and add services and ports to it
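The add and remove commands in steps 17 to 23 change only the runtime configuration, which firewall-cmd --reload discards, while a --permanent change such as the new zone in step 24 is not active until that reload. The script below is an added example, not part of the original walkthrough, that reports such differences; the function names and sample values are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare firewalld's runtime and permanent views of a list
# (ports, services or zones) as printed space-separated by firewall-cmd.

# fw_drift RUNTIME PERMANENT
#   runtime-only X    active now, discarded by --reload or a restart
#   permanent-only X  saved on disk, not active until --reload
fw_drift() {
    runtime=$1
    permanent=$2
    for entry in $runtime; do
        case " $permanent " in
            *" $entry "*) ;;
            *) printf 'runtime-only %s\n' "$entry" ;;
        esac
    done
    for entry in $permanent; do
        case " $runtime " in
            *" $entry "*) ;;
            *) printf 'permanent-only %s\n' "$entry" ;;
        esac
    done
}

# fw_zone_drift ZONE: the same comparison against the live firewall.
# Not called here, so the script also runs on a host without firewalld.
fw_zone_drift() {
    zone=$1
    for what in services ports; do
        fw_drift "$(firewall-cmd --zone="$zone" --list-"$what")" \
                 "$(firewall-cmd --permanent --zone="$zone" --list-"$what")"
    done
    fw_drift "$(firewall-cmd --get-zones)" "$(firewall-cmd --permanent --get-zones)"
}

# Constructed sample values, modelled on the walkthrough:
# after steps 20-21 the ports exist only in the runtime configuration,
# after step 24 (before the reload) the hung zone exists only on disk.
SAMPLE_RUNTIME_PORTS="300/tcp 301-400/tcp"
SAMPLE_PERMANENT_PORTS=""
SAMPLE_RUNTIME_ZONES="block dmz drop external home internal public trusted work"
SAMPLE_PERMANENT_ZONES="block dmz drop external hung home internal public trusted work"

fw_drift "$SAMPLE_RUNTIME_PORTS" "$SAMPLE_PERMANENT_PORTS"
fw_drift "$SAMPLE_RUNTIME_ZONES" "$SAMPLE_PERMANENT_ZONES"
```

On a host running firewalld, call fw_zone_drift public as root; any runtime-only line is a rule that needs to be repeated with --permanent if it should survive the next reload.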
Conclusion
We have just completed the basic steps of using firewalld on CentOS 7, which we can put to use in managing the operating system.