A firewall is a security system that protects a network from unauthorized access, and it is a crucial component of network security. In Red Hat Enterprise Linux (RHEL), firewall rules are managed with the firewall-cmd command-line tool. This blog provides an in-depth guide on how to view and manage firewall rules in RHEL.
Prerequisites
To follow along with this guide, you need to have a basic understanding of the command-line interface and firewall concepts. Additionally, you should have a RHEL system up and running.
Viewing Firewall Rules
In RHEL, the default firewall management tool is firewalld, which provides a dynamic firewall solution with support for network "zones" and the ability to apply different firewall rules to different network interfaces. To view the current firewall configuration, you can use the firewall-cmd --list-all command.
$ sudo firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: enp0s3
  sources:
  services: dhcpv6-client ssh
  ports:
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
This command shows the firewall rules for the default zone, including the interfaces bound to it and the services it allows.
Managing Firewall Rules
To manage the firewall rules, you need to use the firewall-cmd command. There are various options available for managing the firewall rules, including adding, modifying, and deleting rules.
Adding Firewall Rules
To add a firewall rule, you need to use the following command:
firewall-cmd --permanent --zone=public --add-service=http
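In this example, we are adding the HTTP service to the public zone. The --permanent option will make the changes permanent, meaning they will persist across reboots. A --permanent change is written to the stored configuration only, so it does not affect the running firewall until firewalld is reloaded or restarted.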
Modifying Firewall Rules
To modify a firewall rule, you need to delete the existing rule and then add a new rule. For example, to modify the HTTP service in the public zone, you would run the following commands:
firewall-cmd --permanent --zone=public --remove-service=http
firewall-cmd --permanent --zone=public --add-service=https
In this example, we replace the HTTP service with the HTTPS service in the public zone.
Deleting Firewall Rules
To delete a firewall rule, you need to use the following command:
firewall-cmd --permanent --zone=public --remove-service=https
In this example, we are removing the HTTPS service from the public zone.
5 Tips for Viewing & Managing Firewall Rules in RHEL
- Always make the changes permanent when modifying firewall rules to ensure they persist across reboots.
- Always verify the firewall rules after making changes to ensure they are correct.
- Keep the firewall rules minimal to reduce the attack surface.
- Always test the firewall rules before deploying them to a production environment.
- Keep a backup of the firewall rules in case you need to revert to an older version.
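The verification and "keep the rules minimal" tips can be automated by checking the zone listing against an allowlist. The script below is an added example, not part of the original guide; the function names and the ssh-only policy are assumptions, and the sample input is constructed and abbreviated from the listing shown earlier.

```bash
# Added example: audit `firewall-cmd --list-all` output against an allowlist.
# Constructed sample input, abbreviated from the zone listing on this page.
SAMPLE_OUTPUT='public (active)
  target: default
  interfaces: enp0s3
  services: dhcpv6-client ssh
  ports:
  forward-ports:
  source-ports:
  rich rules:'

# zone_field FIELD: read --list-all text on stdin, print the value of "FIELD:".
# Matching at the line start keeps "ports" distinct from "forward-ports".
zone_field() {
  awk -v key="$1:" '{ sub(/^[ \t]+/, "")
    if (index($0, key) == 1) { v = substr($0, length(key) + 1); sub(/^[ \t]+/, "", v); print v; exit } }'
}

# unexpected FIELD "ALLOWED ITEMS": print entries of FIELD not in the allowlist.
unexpected() (
  set -f                      # no glob expansion while word-splitting values
  allowed=" $2 "; extra=""
  for item in $(zone_field "$1"); do
    case "$allowed" in
      *" $item "*) ;;
      *) extra="$extra $item" ;;
    esac
  done
  printf '%s\n' "${extra# }"
)

# audit_zone "ALLOWED SERVICES" "ALLOWED PORTS": non-zero exit on any extra entry.
audit_zone() (
  listing=$(cat)
  bad_svc=$(printf '%s\n' "$listing" | unexpected services "$1")
  bad_port=$(printf '%s\n' "$listing" | unexpected ports "$2")
  [ -z "$bad_svc" ] || echo "unexpected services: $bad_svc"
  [ -z "$bad_port" ] || echo "unexpected ports: $bad_port"
  [ -z "$bad_svc$bad_port" ]
)

# Hypothetical policy: only ssh is approved. On a live host, pipe in
# `sudo firewall-cmd --list-all` and `sudo firewall-cmd --permanent --list-all`.
printf '%s\n' "$SAMPLE_OUTPUT" | audit_zone "ssh" "" || echo "review required"
```

Running the audit against both the runtime and the --permanent listing also reveals rules that exist in only one of the two configurations.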
Conclusion
In conclusion, the firewall-cmd command-line tool provides a powerful and flexible way to view and manage firewall rules in RHEL. By following this guide, you will be able to manage firewall rules effectively and efficiently. To learn more about firewall-cmd, you can read the official documentation. To test your skills, try adding, modifying, and deleting firewall rules on your RHEL system. Good luck!