firewalld: Dynamically managed firewall

Author
  • User
    Linux Bash

In the world of Linux, ensuring the security of your system is paramount. firewalld is one of the most popular firewall management tools, offering a dynamic, flexible way to manage your system's firewall settings without the need for restarting the firewall service after tweaks or changes. This blog will introduce you to firewalld, guide you through its benefits, and provide detailed installation instructions across different Linux distributions using various package managers.

What is firewalld?

firewalld is a firewall management solution that provides a configurable and manageable way to protect your Linux system from unauthorized access. Unlike the traditional iptables, firewalld operates on the concept of zones and services, which allows for more refined and easily understandable firewall rules management. The tool dynamically manages the rules without requiring service restarts, which means your system's firewall adjustments can be done without dropping existing connections.

Key Features of firewalld

  • Dynamic Updates: Apply changes without restarting the firewall daemon.

  • Zones: Define different levels of trust for network connections or interfaces.

  • Services: Easily manage predefined rules for common services.

  • Rich Language: Allows more complex firewall rules.

  • Interfaces and Sources: Directly assign specific network interfaces and sources to defined zones.

  • Masquerading and Port Forwarding: Support for NAT and port redirection.

Installing firewalld

The installation process of firewalld varies slightly depending on the Linux distribution. Below, you’ll find instructions for three of the most common package managers: apt, dnf, and zypper.

1. Debian/Ubuntu (apt package manager)

To install firewalld on a Debian-based distribution like Ubuntu, use the apt package manager. Open your terminal and run the following commands:

sudo apt update
sudo apt install firewalld

After installation, enable and start the service:

sudo systemctl enable --now firewalld

2. Fedora/CentOS/RHEL (dnf package manager)

For those using Fedora or other RHEL-based distributions, dnf is the default package manager. To install firewalld, open your terminal and execute:

sudo dnf install firewalld

Once installed, enable and start the firewalld service:

sudo systemctl enable --now firewalld

3. openSUSE (zypper package manager)

If you are on openSUSE, zypper is the package manager to use. Install firewalld by running:

sudo zypper install firewalld

Then, enable and start the firewalld service:

sudo systemctl enable --now firewalld

Configuring firewalld

Once firewalld is installed, you can begin configuring it. The default setup is usually sufficient for basic operations, but you may want to adjust settings based on your specific needs. You can manage firewalld settings using the firewall-cmd command-line tool. Here’s how to get started:

  • Listing active zones:

    sudo firewall-cmd --get-active-zones
    
  • Setting the default zone:

    sudo firewall-cmd --set-default-zone=public
    
  • Adding services to a zone:

    sudo firewall-cmd --zone=public --add-service=http --permanent
    
  • Reloading to apply changes:

    sudo firewall-cmd --reload
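
The steps above change the permanent configuration with --permanent and only activate it on --reload, so the running firewall and the saved one can disagree in between. The script below is an added example, not part of the original post or the firewalld project: it compares a zone's runtime and permanent service lists and reports each difference. The function names zone_drift and audit_zone and the sample service lists are constructed for illustration.

```shell
#!/bin/sh
# Added example: detect drift between the runtime and permanent
# service lists of a firewalld zone.

# zone_drift RUNTIME PERMANENT
# Each argument is a space-separated service list, as printed by
#   firewall-cmd --zone=Z --list-services              (runtime)
#   firewall-cmd --permanent --zone=Z --list-services  (permanent)
# Prints one line per difference; prints nothing when the lists match.
zone_drift() {
    # Normalise whitespace and pad with spaces for whole-word matching,
    # so "http" does not match inside "https".
    runtime=" $(printf '%s ' $1)"
    permanent=" $(printf '%s ' $2)"
    for svc in $1; do
        case "$permanent" in
            *" $svc "*) ;;
            *) echo "runtime-only: $svc (lost on reload or reboot)" ;;
        esac
    done
    for svc in $2; do
        case "$runtime" in
            *" $svc "*) ;;
            *) echo "permanent-only: $svc (inactive until --reload)" ;;
        esac
    done
}

# audit_zone ZONE: run the comparison against a live firewalld (as root).
# Returns 0 when in sync, 1 on drift, 2 when firewalld cannot be queried.
audit_zone() {
    zone="$1"
    firewall-cmd --state >/dev/null 2>&1 || { echo "firewalld is not running" >&2; return 2; }
    rt=$(firewall-cmd --zone="$zone" --list-services) || return 2
    pm=$(firewall-cmd --permanent --zone="$zone" --list-services) || return 2
    out=$(zone_drift "$rt" "$pm")
    [ -z "$out" ] && return 0
    echo "$out"
    return 1
}

if [ "${1:-}" = "--live" ]; then
    audit_zone "${2:-public}"
else
    # Constructed sample: state right after the post's
    # `--add-service=http --permanent` step, before `--reload`.
    zone_drift "dhcpv6-client ssh" "dhcpv6-client ssh http"
fi
```

A runtime-only entry usually means a rule was added without --permanent; once it has been confirmed as intended, firewall-cmd --runtime-to-permanent saves the running configuration.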
    

This is just a primer to get you started with firewalld. The tool has many more functionalities and options that can be tailored to your environment.

Conclusion

firewalld stands out as an essential tool for managing firewalls in Linux due to its flexibility and dynamic configuration abilities. Whether you’re running a server or using a desktop, proper firewall settings are key to ensuring your system is protected against unauthorized access.

For detailed documentation and advanced configurations, check the official firewalld documentation. Happy secure computing!