Firewalld is a firewall system that uses zones and services to manage

Install firewalld

Step 1: To use the firewalld installation package, use the command

yum install firewalld 

Step 2: Then select yes to agree to download and install

Step 3: After the installation is complete to launch the firewalld service use the command

systemctl start firewalld 

Step 4: To check the service runs successfully use the command

systemctl status firewalld

Step 5: If you want, every time you start your computer on firewalld, start using the command

systemctl enable firewalld

Step 6: Check again using command

systemctl is-enabled firewalld

Step 7: Stop the firewalld service using the command

systemctl stop firewalld

or

systemctl disable firewalld

Step 8: List the zones using the . command

firewall-cmd –get-zones

Step 9: See which zone is default using the command

firewall-cmd –get-default-zone

Step 10: Change the default zone like public to work using the command

firewall-cmd –set-default-zone=word

Step 11: Then check again with the command

firewall-cmd –get-default-zone

Step 12: List rules in zones using command

firewall-cmd –list-all-zones

Step 13: The public zone shows that it is enabled and working by default using the ens192 network card running the dhcpv6 and ssh service

Step 14: Or you can use the command to see the running service

firewall-cmd –zone=public –list-services

Step 15: See the ports that are allowed to use the command

firewall-cmd –zone=public –list-ports

Step 16: View the system’s services using the command

firewall-cmd –get-services

Step 17: Allow the dhcp service to run in the public zone using the command

firewall-cmd –zone=public –add-service=dhcp

Step 18: Check if the translation is allowed to use the command

firewall-cmd –zone=public –list-services

Step 19: To cancel service like dhcp use command

firewall-cmd –zone=public –remove-service=dhcp

(or add –permanent if the service cannot be removed)

Step 20: add port 300 to the firewall’s public zone with the command

firewall-cmd –zone=public –add-port=300/tcp

Step 21: Add a port range 301 to 400 on the public zone using the command

firewall-cmd –zone=public –add-port=301 -400/tcp

Step 22: Check the ports added to the public zone using the command

firewall-cmd –zone=public –list-ports

Step 23: Remove the added port with the command

firewall-cmd –zone=public –remove-port=300/tcp

Step 24: Add your own hung zone using the command

firewall-cmd –permanent –new-zone=hung

Step 25: After adding the hung zone, reload the service with the command

firewall-cmd –reload

Step 26: Check again with the command

firewall-cmd –get-zones

Step 27: After creating the zone, you can make it default and add services and ports

Conclusion

We have just completed the basic steps of using firewalld on cenos7, where we can exploit and use to manage the operating system.

Thank you for reading.

Bé Snake