Introduction:
A firewall is an essential security measure that helps protect your server from unauthorized access and potential threats. Rocky Linux 9 comes with firewalld, a powerful and flexible firewall management tool. In this step-by-step guide, we will walk you through the process of setting up a firewall using firewalld on Rocky Linux 9.
Step 1: Check Firewall Status:
Before configuring the firewall, it’s helpful to check the current status of firewalld. Open a terminal on your Rocky Linux 9 server and run the following command:
sudo systemctl status firewalld
This command will display the status of the firewall service.
Step 2: Install firewalld (if not already installed):
If firewalld is not installed on your system, you can install it using the package manager. Run the following command:
sudo dnf install firewalld
Step 3: Start and Enable firewalld:
To start the firewalld service and ensure it starts automatically on system boot, run the following commands:
sudo systemctl start firewalld
sudo systemctl enable firewalld
Step 4: Configure Firewall Rules:
Firewalld uses the concept of “zones” to manage different levels of trust for network connections. By default, firewalld comes with the “public” zone enabled. You can list the available zones by running the following command:
sudo firewall-cmd --get-zones
Step 5: Add Services to Zones:
To allow specific services through the firewall, you can add them to the appropriate zone. For example, to enable HTTP (port 80), run the following command:
sudo firewall-cmd --zone=public --add-service=http --permanent
You can add other services using a similar syntax.
Step 6: Open Custom Ports:
If you need to open custom ports, you can do so by running the following command:
sudo firewall-cmd --zone=public --add-port=<port_number>/tcp --permanent
Replace <port_number> with the desired port number.
Step 7: Reload the Firewall:
After making any changes to the firewall configuration, reload the firewall to apply the new settings. Run the following command:
sudo firewall-cmd --reload
Step 8: Verify Firewall Configuration:
To verify that the firewall rules are correctly set up, you can check the default zone and its associated services. Run the following command:
sudo firewall-cmd --list-all
This command will display the default zone (public, unless you changed it) along with the services and ports allowed through the firewall.
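The verification in Step 8 can be turned into a repeatable check. The script below is an added example, not part of the original guide: it compares the services and ports in `firewall-cmd --list-all` output against a baseline and reports anything extra. The allowlist values, function names and the sample listing are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: flag services/ports in `firewall-cmd --list-all` output
# that are not in a baseline. The two allowlists are assumptions; set your own.
ALLOWED_SERVICES="ssh http"
ALLOWED_PORTS="8080/tcp"

# Print the entries of one field ("services" or "ports") read from stdin.
# Exact match on the first word, so "source-ports:" is not taken for "ports:".
zone_field() {
    awk -v key="$1:" '$1 == key { for (i = 2; i <= NF; i++) print $i }'
}

# unexpected FIELD ALLOWLIST LISTING: report entries missing from the allowlist.
unexpected() {
    rc=0
    for item in $(printf '%s\n' "$3" | zone_field "$1"); do
        case " $2 " in
            *" $item "*) ;;
            *) echo "unexpected $1 entry: $item"; rc=1 ;;
        esac
    done
    return $rc
}

# Returns 0 when the zone matches the baseline, 1 otherwise.
audit_zone() {
    result=0
    unexpected services "$ALLOWED_SERVICES" "$1" || result=1
    unexpected ports "$ALLOWED_PORTS" "$1" || result=1
    return $result
}

# Constructed sample of --list-all output (not captured from a real host).
SAMPLE='public (active)
  target: default
  interfaces: eth0
  services: cockpit dhcpv6-client http ssh
  ports: 8080/tcp 3306/tcp
  forward-ports:
  source-ports:
  rich rules:'

audit_zone "$SAMPLE" || echo "zone differs from baseline; review the entries above"
# On the server: audit_zone "$(sudo firewall-cmd --zone=public --list-all)"
```

An entry you do not need can be removed with sudo firewall-cmd --zone=public --remove-service=<service> --permanent, followed by the reload from Step 7.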
Conclusion:
Congratulations! You have successfully set up a firewall using firewalld on Rocky Linux 9. By configuring firewall rules, you have added an important layer of security to your server, protecting it from unauthorized access and potential threats. Remember to regularly review and update your firewall rules as per your specific requirements. Firewalld provides a flexible and powerful firewall management solution, allowing you to create a robust defense for your server.