A Deep Dive into Firewall-cmd: Discovering Your Firewall Rules for Enhanced Network Security

    skycentral.co.uk | A Deep Dive into Firewall-cmd: Discovering Your Firewall Rules for Enhanced Network Security

    <span class="glossary-tooltip glossary-term-2359"><span class="glossary-link"><a href="https://skycentral.co.uk/glossary/a-deep-dive-into-firewall-cmd-discovering-your-firewall-rules-for-enhanced-network-security/">A Deep Dive into Firewall-cmd: Discovering Your Firewall Rules for Enhanced Network Security</a></span><span class="hidden glossary-tooltip-content clearfix"><span class="glossary-tooltip-text"><br /> <br /> <br /> <br /> A Deep Dive into Firewall-cmd: D...</span></span></span>


    Firewalls play a crucial role in protecting computer networks from unauthorized access and preventing malicious activities. As network security threats continue to evolve, it is vital to have a comprehensive understanding of your firewall rules and how they contribute to enhanced network security. In this article, we will take a deep dive into firewall-cmd – a powerful command-line utility that enables users to manage firewall rules in Linux distributions using the iptables infrastructure.

    Understanding firewall-cmd

    firewall-cmd is a command-line interface for configuring and managing firewalld – a dynamic firewall management daemon. It provides a user-friendly way to define and modify firewall rules, zones, services, ports, and other network settings. With firewall-cmd, one can easily control incoming and outgoing network traffic, specify allowed services, and configure network interfaces.

    Exploring Firewall Zones

    Firewall zones are predefined sets of rules that specify the level of trust and security for different network connections. firewall-cmd offers various default zones such as ‘public,’ ‘internal,’ ‘trusted,’ ‘block,’ ‘dmz,’ and ‘work.’ Understanding and utilizing the appropriate zone for a particular network connection is crucial for maintaining network security.

    Inspecting Existing Firewall Rules

    Before making any modifications to our firewall rules, it is essential to review and understand the existing rules. The firewall-cmd utility provides commands to inspect the current configuration and list all active rules. By running firewall-cmd --list-all, we can get an overview of our firewall setup, including zones, services, ports, and rich rules.

    Adding and Removing Firewall Rules

    Firewall rules act as filters that determine how incoming and outgoing network traffic should be handled. With firewall-cmd, adding and removing rules becomes a seamless process. For example, to allow incoming SSH connections, we can use the command firewall-cmd --zone=public --add-service=ssh. Conversely, to remove this rule, we execute firewall-cmd --zone=public --remove-service=ssh. These commands enable us to easily manage our firewall rules based on our network requirements.

    Enabling Port Forwarding

    Port forwarding is a technique that allows external devices to access services running on specific ports of an internal network. With firewall-cmd, enabling port forwarding is straightforward. By executing firewall-cmd --zone=public --add-forward-port=port=80:proto=tcp:toport=8080, we can forward incoming traffic from port 80 to port 8080. This functionality is particularly useful for scenarios like hosting web services behind a firewall.

    Using Rich Rules for Advanced Firewall Configuration

    While basic firewall rules are often sufficient, complex firewall setups may require more advanced configurations. This is where firewall-cmd‘s rich rules come into play. Rich rules provide granular control over network traffic based on source and destination addresses, ports, protocols, and other criteria. With rich rules, we can create sophisticated firewall configurations tailored to our specific needs.

    Applying Time-Based Firewall Rules

    Network security requirements may vary based on specific time periods. firewall-cmd allows us to apply firewall rules that are effective only during certain times. For instance, by running firewall-cmd --zone=public --add-rich-rule='rule family="ipv4" source address="" service name="ssh" log prefix="SSH access" accept', we can restrict SSH access from a specific IP range to a predefined time window, enhancing network security during critical periods.

    Managing Network Interfaces with firewall-cmd

    In addition to managing firewall rules, firewall-cmd also offers functionality for controlling network interfaces. We can use commands such as firewall-cmd --zone=public --change-interface=eth0 to switch an interface’s zone, or firewall-cmd --zone=public --add-interface=eth1 to add an interface to a specific zone. These commands enable us to easily manage network interfaces and apply appropriate firewall rules to specific connections.

    Saving and Reloading Firewall Rules

    After configuring and modifying our firewall rules, it is crucial to save our changes to persist across reboots. firewall-cmd provides commands such as firewall-cmd --runtime-to-permanent and firewall-cmd --reload to respectively save the runtime configuration to permanent settings and reload the firewall rules without restarting the entire system. These commands ensure that our firewall configuration remains intact even after system restarts or network service reloads.


    In an increasingly interconnected world, network security is of utmost importance. Understanding your firewall rules using firewall-cmd is a key step towards enhancing the security of your computer network. With its user-friendly interface and powerful features, firewall-cmd empowers system administrators to configure and manage firewall rules efficiently. By exploring its various functionalities like inspecting existing rules, adding/removing rules, enabling port forwarding, using rich rules, applying time-based rules, managing network interfaces, and saving/reloading configurations, you can strengthen your network’s defense against potential threats.