Introduction:
Firewalls are a fundamental aspect of securing your server against unauthorized access and threats. In this guide, we’ll walk you through setting up a firewall using FirewallD on CentOS 7. FirewallD is a dynamic firewall management tool that simplifies the process of configuring and managing your server’s firewall rules.
Prerequisites:
- A CentOS 7 server with root or sudo access.
- A terminal or SSH client for connecting to your server.
Step 1: Update Your System:
Before you begin, ensure your server is up to date by running:
sudo yum update
Step 2: Install FirewallD:
If FirewallD isn’t already installed, you can install it using the following command:
sudo yum install firewalld
Step 3: Start and Enable FirewallD:
To start the FirewallD service and enable it to start on boot, use the following commands:
sudo systemctl start firewalld
sudo systemctl enable firewalld
Step 4: Check the FirewallD Status:
To verify that FirewallD is running, enter:
sudo systemctl status firewalld
You should see that it’s active and running.
Step 5: Zones and Default Configuration:
FirewallD uses zones to define different levels of trust for your network interfaces. By default, CentOS 7 comes with three zones: public, internal, and trusted. You can see the active zones with:
sudo firewall-cmd --get-active-zones
The default zone is typically public.
Step 6: Configure the Firewall:
You can open ports and services using predefined services or by specifying custom ports. For example, to allow SSH traffic:
sudo firewall-cmd --permanent --add-service=ssh
To allow HTTP traffic:
sudo firewall-cmd --permanent --add-service=http
After making changes, reload the firewall for them to take effect:
sudo firewall-cmd --reload
Step 7: Additional Configuration:
You can add and remove ports, services, and interfaces as needed. Use the matching --remove-* option (for example, --remove-service or --remove-port) to remove items from the firewall configuration.
Step 8: Verify Configuration:
To view the active rules, run:
sudo firewall-cmd --list-all
This command will display all the active firewall settings.
Step 9: Testing:
After configuring the firewall, ensure that essential services remain accessible. Test SSH, HTTP, or other services you’ve enabled to guarantee that your server functions as expected.
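The check below is an added example, not part of the original guide: it reads the output of the Step 8 command and reports any open service or port that is not on an allowlist. The allowlist values, the function names, and the sample listing are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: flag services/ports in `firewall-cmd --list-all` output
# that are not on an allowlist. Allowlist values below are assumptions.
ALLOWED_SERVICES="ssh http"   # the services opened in Step 6
ALLOWED_PORTS=""              # no custom ports are expected

# Print the values of one field ("services" or "ports") from stdin.
zone_field() {
    sed -n "s/^[[:space:]]*$1:[[:space:]]*//p"
}

# Print each entry of list $1 that is absent from allowlist $2.
not_allowed() {
    for item in $1; do
        case " $2 " in
            *" $item "*) ;;
            *) printf '%s\n' "$item" ;;
        esac
    done
}

# Read --list-all output on stdin; print "service:NAME" or "port:SPEC"
# for everything that is open but not allowlisted.
audit_zone() {
    listing=$(cat)
    services=$(printf '%s\n' "$listing" | zone_field services)
    ports=$(printf '%s\n' "$listing" | zone_field ports)
    not_allowed "$services" "$ALLOWED_SERVICES" | sed 's/^/service:/'
    not_allowed "$ports" "$ALLOWED_PORTS" | sed 's/^/port:/'
}

# Constructed sample of --list-all output (not captured from a real host).
# dhcpv6-client is enabled in the stock public zone on CentOS 7.
SAMPLE='public (active)
  target: default
  interfaces: eth0
  services: dhcpv6-client http ssh
  ports: 8080/tcp
  forward-ports:
  source-ports:'

# Demo on the sample; on a server: sudo firewall-cmd --list-all | audit_zone
printf '%s\n' "$SAMPLE" | audit_zone
```

Piping sudo firewall-cmd --permanent --list-all into the same function audits the saved configuration, which can differ from the running one until the Step 6 reload has been done.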
Conclusion:
Setting up a firewall with FirewallD on CentOS 7 is an essential step in securing your server. By defining rules for trusted zones and allowing specific services and ports, you can protect your server from unauthorized access while permitting legitimate traffic. FirewallD simplifies this process by providing an intuitive interface for managing firewall rules on your CentOS 7 system.