
    Firewalld 101: Exploring the Basics of Linux Firewall Management

    skycentral.co.uk | Firewalld 101: Exploring the Basics of Linux Firewall Management


    Introduction

    Firewalls play a crucial role in the security of any computer network, including Linux systems. In the Linux world, one popular firewall management tool is Firewalld, a dynamically managed firewall solution that is the default host firewall on Red Hat-family distributions and that simplifies the task of network security administration. In this article, we will explore the basics of Firewalld and how it can be effectively used to manage firewalls on Linux systems.

    Understanding Firewalld

    Firewalld is a firewall management tool developed by Red Hat. It is a dynamically managed firewall solution: rules can be added or removed at runtime without flushing the whole rule set and dropping established connections, which is what makes it more flexible and user-friendly than editing traditional iptables rules by hand. Firewalld is a front end rather than a packet filter of its own; it programs the kernel through nftables (the default backend since version 0.6) or, optionally, iptables. Firewalld is based on the concept of zones, services, sources, zone targets, and rules. These components work together to define the behavior of the firewall and provide granular control over network traffic.

    Zones

    One of the fundamental concepts in Firewalld is zones. A zone defines the level of trust assigned to the traffic that reaches a network interface or comes from a particular source address. Firewalld ships with predefined zones (drop, block, public, external, dmz, work, home, internal, and trusted), ordered roughly from least to most trusted; public is the default zone for any interface that has not been assigned elsewhere. Each zone has its own set of rules that determine how incoming traffic is handled; outgoing traffic from the host is allowed by default. For example, the public zone is used for untrusted networks and opens only a few services such as ssh and dhcpv6-client, the trusted zone accepts all incoming traffic, and the drop zone silently discards everything that is not a reply to a connection the host itself opened. An interface belongs to exactly one zone, and the zone an incoming packet is evaluated against is chosen first by its source address (if a zone claims that source) and otherwise by the interface it arrived on.

    Services

    Firewalld also introduces the concept of services. A service is a named, preconfigured set of ports and protocols (and optionally netfilter helper modules and destination addresses) that describes one network service, such as ssh, http, or dns. Services simplify the management of firewall rules by allowing administrators to assign commonly used network services to zones instead of remembering port numbers. Predefined service definitions are XML files shipped under /usr/lib/firewalld/services/; custom or overriding definitions go in /etc/firewalld/services/, and `firewall-cmd --get-services` lists everything currently known. Services can be managed using the firewall-cmd command-line tool or through graphical user interfaces (GUIs) like the firewall-config tool.

    Sources

    Another important concept in Firewalld is sources. A source is an IP address, a network range in CIDR notation, a MAC address, or an ipset that is bound to a zone. Traffic whose source matches is placed in that zone regardless of the interface it arrived on, so a source binding is a way to give one network a different trust level than the rest of an interface, for example to put a management subnet into the trusted zone while the interface as a whole stays in public. Source bindings are checked before interface bindings, and a given source may be bound to only one zone at a time. Sources are added with `firewall-cmd --zone=ZONE --add-source=ADDRESS`; an ipset, created with `firewall-cmd --new-ipset`, is bound with `--add-source=ipset:NAME`.

    Targets

    Targets in Firewalld are not destinations. A zone's target is the default action applied to incoming traffic that matches none of the zone's services, ports, or rules. The possible targets are default (reject the packet with an ICMP error message; ICMP itself is still accepted), ACCEPT, DROP, and %%REJECT%%. Among the predefined zones, trusted has the target ACCEPT, drop has DROP, block has %%REJECT%%, and the rest use default. The target is set with `firewall-cmd --permanent --zone=ZONE --set-target=TARGET` and takes effect after a reload. Forwarding incoming traffic to another port or host is a separate feature, port forwarding, and should not be confused with the target: for example, redirecting port 80 to a web server listening on port 8080 uses `firewall-cmd --zone=ZONE --add-forward-port=port=80:proto=tcp:toport=8080`, and forwarding to another host (`toaddr=`) additionally requires masquerading to be enabled in the zone.

    Rules

    Rules are the heart of Firewalld. The plain entries in a zone (services, ports, protocols, and the target) already form rules, but when more precision is needed Firewalld's rich rules let administrators combine a source, destination, service, port, protocol, or ICMP type with an action (accept, reject, drop, or mark) and optionally logging, auditing, and rate limiting; a typical use is allowing ssh only from an administrative subnet and logging each new connection. Rich rules are added with `firewall-cmd --add-rich-rule='rule ...'`. Within a zone, rich rules that log are evaluated first, then those that reject or drop, then those that accept, unless a rule sets an explicit priority. Direct rules (`--direct`) pass raw iptables syntax through and bypass the zone model; they exist for compatibility and are best avoided in new configurations. Rules can be added, removed, or modified using the firewall-cmd command-line tool or any GUI tool that supports Firewalld.
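    The zone, service, source, target, and rule concepts described in the sections above come together in the XML files firewalld reads from /etc/firewalld/. The following script is an added example (not code from this article or from the firewalld project): it writes a custom service for an assumed management application on 8443/tcp and a custom zone named mgmt whose target is DROP, binds an assumed administrative subnet 10.10.0.0/24 to that zone as a source, allows ssh, and adds a rich rule that logs and accepts the custom service. FIREWALLD_ROOT is an assumed override so the functions can be exercised in a scratch directory instead of the live /etc/firewalld.

```shell
#!/bin/sh
# Added example, not from the article or the firewalld project: write a custom
# service and a custom zone as the XML files firewalld reads from
# /etc/firewalld/. FIREWALLD_ROOT is an assumed override for scratch testing.
set -eu
: "${FIREWALLD_ROOT:=/etc/firewalld}"

# write_service NAME PORT PROTO SHORT
# Same result as:  firewall-cmd --permanent --new-service=NAME
#                  firewall-cmd --permanent --service=NAME --add-port=PORT/PROTO
write_service() {
    name=$1 port=$2 proto=$3 short=$4
    mkdir -p "$FIREWALLD_ROOT/services"
    cat > "$FIREWALLD_ROOT/services/$name.xml" <<EOF
<?xml version="1.0" encoding="utf-8"?>
<service>
  <short>$short</short>
  <description>Custom service $name on $port/$proto (assumed application)</description>
  <port protocol="$proto" port="$port"/>
</service>
EOF
}

# write_admin_zone ZONE CIDR SERVICE
# Zone target DROP: anything from the bound source that matches no entry is
# silently discarded. The source binding makes firewalld classify every packet
# from CIDR into this zone, whatever interface it arrives on. ssh is allowed
# outright; SERVICE is allowed by a rich rule that also logs new connections.
write_admin_zone() {
    zone=$1 cidr=$2 svc=$3
    mkdir -p "$FIREWALLD_ROOT/zones"
    cat > "$FIREWALLD_ROOT/zones/$zone.xml" <<EOF
<?xml version="1.0" encoding="utf-8"?>
<zone target="DROP">
  <short>$zone</short>
  <description>Management access from $cidr only; everything else dropped</description>
  <source address="$cidr"/>
  <service name="ssh"/>
  <rule family="ipv4">
    <source address="$cidr"/>
    <service name="$svc"/>
    <log prefix="$svc" level="info">
      <limit value="5/m"/>
    </log>
    <accept/>
  </rule>
</zone>
EOF
}

# zone_target FILE: print the target attribute of a zone file.
zone_target() {
    sed -n 's/.*<zone target="\([^"]*\)".*/\1/p' "$1"
}

# reload_if_live ZONE: firewalld reads the files only on --reload. Outside the
# real /etc/firewalld (a scratch directory) just list what was written.
reload_if_live() {
    if [ "$FIREWALLD_ROOT" = /etc/firewalld ] && command -v firewall-cmd >/dev/null 2>&1; then
        firewall-cmd --reload
        firewall-cmd --zone="$1" --list-all
    else
        find "$FIREWALLD_ROOT" -name '*.xml'
    fi
}

# Run with --apply (as root) to write to /etc/firewalld and reload.
if [ "${1:-}" = --apply ]; then
    write_service myapp-admin 8443 tcp "MyApp admin"      # assumed application
    write_admin_zone mgmt 10.10.0.0/24 myapp-admin         # assumed admin subnet
    reload_if_live mgmt
fi
```

    Writing the files is equivalent to the corresponding `firewall-cmd --permanent` calls, and exactly like them it changes nothing until `firewall-cmd --reload`. Two checks worth doing after the reload: `firewall-cmd --get-active-zones` should list mgmt with its source, and because a source binding takes precedence over interface bindings, traffic from 10.10.0.0/24 is now judged by the mgmt zone on every interface, not only the one you had in mind. Zone names must be shorter than 18 characters.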

    Managing Firewalld

    Firewalld provides a variety of tools to manage and configure the firewall on Linux systems. The most commonly used command-line tool is firewall-cmd, which talks to the firewalld daemon over D-Bus. With firewall-cmd, administrators can add, remove, and modify rules, zones, services, sources, and targets. Every change lives in one of two configurations: the runtime configuration, which is what the kernel enforces right now but which is lost on reload or restart, and the permanent configuration, stored as XML under /etc/firewalld/ and loaded at startup. For example, `firewall-cmd --add-service=ssh` allows SSH in the default zone immediately but only until the next reload, while `firewall-cmd --permanent --add-service=ssh` records it on disk without applying it until `firewall-cmd --reload`. A safe habit is to test a change at runtime first and then persist it with `firewall-cmd --runtime-to-permanent`, and to confirm the result with `firewall-cmd --zone=public --list-all` (`firewall-cmd --get-active-zones` shows which zones are in use). Additionally, Firewalld can be managed through graphical tools such as firewall-config.
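    A practitioner rarely trusts that a change did what was intended without reading the zone back. The script below is an added example (not from this article or from the firewalld project): it parses the text that `firewall-cmd --zone=ZONE --list-all` prints and flags what a reviewer would question, namely services outside an allowlist, raw port openings, an ACCEPT target, masquerading, port forwards, and rich rules that accept without a source restriction. The sample output embedded in it is constructed for offline use; on a live host pass --live to audit the real zone.

```shell
#!/bin/sh
# Added example, not from the article: audit a zone as printed by
# `firewall-cmd --zone=ZONE --list-all` and flag what a reviewer would question.
set -eu

# Constructed sample of `firewall-cmd --zone=public --list-all` output.
# (Real output indents rich rules with a tab; indentation is not relied on.)
SAMPLE_LIST_ALL='public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eth0
  sources:
  services: cockpit dhcpv6-client ssh http
  ports: 8080/tcp
  protocols:
  forward: yes
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
    rule family="ipv4" source address="198.51.100.0/24" service name="ssh" log prefix="ssh-admin" level="info" accept
    rule family="ipv4" port port="9000" protocol="tcp" accept'

# audit_zone "allowed services" < list-all-output
# Prints one finding per line; exit status 1 if anything was flagged.
audit_zone() {
    awk -v allowed="$1" '
    function flag(msg) { print zone ": " msg; bad++ }
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    NR == 1 { zone = $1; next }               # header line, e.g. "public (active)"
    $1 == "rule" {                            # rich rules follow the "rich rules:" line
        if ($0 ~ /accept/ && $0 !~ /source address/) {
            flag("rich rule accepts without a source restriction: " $0)
        }
        next
    }
    {
        key = $1; sub(/:$/, "", key)          # "services:" -> "services"
        if (key == "target" && $2 == "ACCEPT") {
            flag("target ACCEPT admits all traffic not matched by a rule")
        } else if (key == "services") {
            for (i = 2; i <= NF; i++) if (!($i in ok)) flag("service " $i " is not on the allowlist")
        } else if (key == "ports") {
            for (i = 2; i <= NF; i++) flag("raw port " $i " is open; prefer a named service")
        } else if (key == "masquerade" && $2 == "yes") {
            flag("masquerade is enabled: the host NATs traffic for others")
        } else if (key == "forward-ports") {
            for (i = 2; i <= NF; i++) flag("port forward " $i)
        }
    }
    END { exit (bad > 0) }
    '
}

# --live [ZONE] ["allowed services"] audits the running firewall; otherwise
# the constructed sample is audited so the script can be tried anywhere.
if [ "${1:-}" = --live ]; then
    firewall-cmd --zone="${2:-public}" --list-all | audit_zone "${3:-ssh dhcpv6-client}"
else
    printf '%s\n' "$SAMPLE_LIST_ALL" | audit_zone "ssh dhcpv6-client" || echo "(exit status 1: findings above)"
fi
```

    Against the constructed sample with an allowlist of ssh and dhcpv6-client the audit reports cockpit and http, the raw 8080/tcp opening, and the second rich rule, and exits non-zero, which makes it usable as a post-change check in a deployment pipeline. The allowlist is per zone: what is acceptable in internal is not acceptable in public, so run it once per active zone with the list that zone is supposed to have.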

    Enabling and Disabling Firewalld

    Firewalld is installed and enabled by default on Red Hat-family distributions (Fedora, RHEL and its rebuilds, CentOS Stream) and on openSUSE; Debian and Ubuntu ship it as an optional package (Ubuntu defaults to ufw). `firewall-cmd --state` reports whether the daemon is running. There might be scenarios where it is necessary to disable the firewall temporarily, for example while diagnosing a connectivity problem. To stop Firewalld, use `systemctl stop firewalld`; be aware that firewalld removes its rules when it stops, so the host is left without packet filtering unless another firewall takes over, and the change should be reversed with `systemctl start firewalld` as soon as the test is done. To make the service start on boot use `systemctl enable --now firewalld`; to stop it and keep it from starting on boot use `systemctl disable --now firewalld`. If the host is switching to another firewall manager (the nftables or iptables services), also run `systemctl mask firewalld` so that no other unit can pull it back in, since two rule managers operating on the same kernel tables will overwrite each other. For an emergency lockdown that keeps the daemon running, `firewall-cmd --panic-on` drops all traffic until `firewall-cmd --panic-off`.

    Conclusion

    Firewalld is a powerful and user-friendly firewall management tool for Linux systems. With its flexible zone-based approach, services, sources, targets, and rules, Firewalld provides granular control over network traffic and simplifies the administration of firewalls. Whether you are a system administrator or a Linux enthusiast, understanding the basics of Firewalld can greatly enhance the security of your Linux systems. So, dive into Firewalld, explore its features, and start protecting your network today!