Introduction
Firewalls are an essential component of securing your computer system from external threats. They act as a barrier between your network and the rest of the world, controlling incoming and outgoing network traffic based on predetermined security rules. In this tutorial, we will explore how to secure your system using the firewall-cmd utility, which is a command-line interface for managing firewall rules on systems running Linux.
Installing Firewall-cmd
Before we delve into the steps of securing your system using firewall-cmd, let’s first ensure that it is installed on your Linux system. For most modern Linux distributions, firewall-cmd comes preinstalled. To check if it is installed, open a terminal and type the following command:
$ firewall-cmd --version
If the command returns a version number, it means firewall-cmd is already installed. Otherwise, you can install it using your distribution’s package manager. firewall-cmd is shipped as part of the firewalld package, so on Ubuntu, for example, you can install it by running the following command:
$ sudo apt-get install firewalld
Enabling and Starting Firewall-cmd
Once firewall-cmd is installed on your system, you need to enable and start the firewalld service that it controls. To enable the service, open a terminal and run the following command as root or with sudo privileges:
# systemctl enable firewalld
This command will ensure that the firewalld service starts automatically every time your system boots up.
Next, to start the firewalld service immediately, type the following command:
# systemctl start firewalld
You can verify the status of the firewalld service by running the following command:
# systemctl status firewalld
If the service is active and running, you are ready to proceed.
Basic Firewall-cmd Usage
Before we dive into creating specific firewall rules, let’s explore some basic usage of firewall-cmd. The utility uses the concept of zones to define different levels of trust for network connections. By default, most Linux distributions set up firewall-cmd with the following zones: public, internal, and trusted.
To view the currently active zones, type the following command:
$ firewall-cmd --get-active-zones
This will display a list of currently active zones and any interfaces associated with them.
To check the default zone, which determines the behavior for unconfigured connections, use the following command:
$ firewall-cmd --get-default-zone
You can also view the settings of a specific zone by running the following command, replacing ‘zone_name’ with the name of the zone you want to view:
$ firewall-cmd --zone=zone_name --list-all
Creating Firewall Rules
Now that we have a basic understanding of firewall-cmd, let’s focus on creating some specific firewall rules to enhance the security of your system.
To add a rule that allows incoming traffic on a specific port, use the following command, replacing ‘port_number’ with the desired port number and ‘zone_name’ with the appropriate zone:
$ firewall-cmd --zone=zone_name --add-port=port_number/tcp
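The --add-port option only opens a port for incoming connections: zones filter inbound traffic, and firewalld does not restrict outgoing traffic by default. To add a rule that explicitly allows outgoing traffic on a specific port, use a direct rule on the OUTPUT chain instead:
$ firewall-cmd --direct --add-rule ipv4 filter OUTPUT 0 -p tcp --dport port_number -j ACCEPT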
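Rules added without the --permanent flag change only the running configuration, which is discarded when the firewall is reloaded or the system restarts. To make these rules permanent, save the running configuration with the following command:
$ firewall-cmd --runtime-to-permanent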
Blocking Specific IP Addresses
In addition to allowing or denying traffic based on ports, you can also block specific IP addresses from accessing your system. To block an IP address, use the following command:
$ firewall-cmd --zone=zone_name --add-source=IP_address --permanent
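Replace ‘zone_name’ with the appropriate zone and ‘IP_address’ with the IP address you want to block. Binding a source to a zone applies that zone’s rules to traffic from the address, so the address is only blocked if the zone rejects traffic, as the built-in drop and block zones do. Note that the ‘--permanent’ flag ensures that the rule remains persistent even after a system restart, but it does not change the running firewall. To apply the changes to the running firewall, run the following command: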
$ firewall-cmd --reload
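The difference between the running and the permanent configuration, which the port rules and the --permanent flag above both depend on, can be checked with a short script. This is an added example, not part of the original tutorial: the function names and the sample port lists are constructed for illustration, and audit_zone assumes firewalld is running and the script has root privileges.

```shell
#!/bin/sh
# Added example: report ports whose runtime and permanent state differ.
# Runtime-only ports vanish on reload or reboot; permanent-only ports are
# saved but not enforced until the firewall is reloaded.

# ports_only_in A B: print each entry of space-separated list A missing from B.
ports_only_in() {
    for p in $1; do
        case " $2 " in
            *" $p "*) ;;                 # present in both lists
            *) printf '%s\n' "$p" ;;     # present only in A
        esac
    done
}

# drift_report ZONE RUNTIME_PORTS PERMANENT_PORTS: one line per mismatch.
drift_report() {
    zone=$1
    for p in $(ports_only_in "$2" "$3"); do
        echo "$zone: $p runtime-only (lost on reload)"
    done
    for p in $(ports_only_in "$3" "$2"); do
        echo "$zone: $p permanent-only (not active until reload)"
    done
}

# audit_zone ZONE: compare both configurations of a live firewalld zone.
audit_zone() {
    runtime=$(firewall-cmd --zone="$1" --list-ports) || return 1
    permanent=$(firewall-cmd --permanent --zone="$1" --list-ports) || return 1
    drift_report "$1" "$runtime" "$permanent"
}

# Constructed sample: 8080/tcp was opened without --permanent, and 443/tcp
# was added with --permanent but the firewall has not been reloaded yet.
drift_report public "22/tcp 8080/tcp" "22/tcp 443/tcp"
```

On a live system, call audit_zone with a zone name, for example audit_zone public, and review any line it prints before reloading.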
Creating Custom Zones
By default, firewall-cmd provides three zones, but you can also create custom zones to meet your specific needs. To create a new zone, use the following command:
$ firewall-cmd --permanent --new-zone=zone_name
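Replace ‘zone_name’ with the desired name for your custom zone. A zone created with ‘--permanent’ only becomes available to the running firewall after you run firewall-cmd --reload. Once the zone is created and loaded, you can modify its settings using the ‘--zone=zone_name’ flag in conjunction with the appropriate firewall-cmd commands.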
To make the new custom zone the default zone, run the following command:
$ firewall-cmd --set-default-zone=zone_name
This ensures that any unconfigured connections are subject to the rules defined in your custom zone.
Conclusion
In this tutorial, we have explored how to secure your system using the firewall-cmd utility. We covered the installation and enabling of firewall-cmd, as well as basic usage and the creation of firewall rules. We also discussed blocking specific IP addresses and creating custom zones. By following these steps, you can enhance the security of your system and protect it from potential external threats. Remember to always keep your firewall rules up to date and regularly monitor your system for any unauthorized access attempts.