Firewall & Firewalld




  • A firewall is a network security device, or on Linux a host service such as firewalld, that monitors and controls the incoming and outgoing traffic of a computer or network. firewalld works with zones and rules,

                        where,
                                  Zones = predefined sets of rules, each applied to one or more network interfaces or source addresses.
                                  Rules = the permissions (allowed services, ports, protocols) set in a zone.
  • The firewall decides which network traffic is allowed to pass through and which traffic is dropped or rejected as untrusted.
  • Essentially, it works by separating the trusted from the untrusted: what a rule permits passes, everything else is blocked.
  • The firewall can be controlled either from the command line (firewall-cmd) or through a GUI (firewall-config).
  • A firewall analyzes network traffic against pre-defined rules and filters out traffic coming from unreliable or suspicious sources. Note that a packet-filtering firewall matches on addresses, ports and protocols only; it does not inspect the content of the traffic it lets through.
However, before we go into detail, it helps to understand the structure of web-based networks.


firewall working

Consider this example:
                                 Think of the watchman or security guard at the gate of your apartment society. The society committee decides the rules and permissions and sends those instructions to the watchman. Following the instructions, the watchman lets in only the people who live in the society and stops everyone else, or lets others in only with a particular permission (for example, a registered visitor).
In the above example the watchman is the firewall, the society is the system, and the committee's instructions are the rules: the watchman does not decide on his own, he only enforces what the rules say about external traffic.

Advantages of firewall

  1. Firewalls create a layer of protection against unauthorized access to your network.
  2. Firewalls help organizations manage their bandwidth usage by blocking traffic that should not be on the network at all.
  3. Firewalls help you monitor your network traffic (for example through logged drops and rejects) so you can identify and respond to threats quickly.
  4. Firewalls limit the spread of viruses and malware through the network by blocking the ports and services they use. On their own they do not scan file content, so they complement anti-malware tools rather than replace them.

Steps to operate firewall

(All firewall-cmd commands below must be run as root or with sudo. Unless --permanent or --runtime-to-permanent is used, a change applies to the running configuration only and is lost on the next reload or reboot.)

1.For help or details on the commands
                           firewall-cmd --help

2.For the details (interfaces, services, ports, rich rules) of the default zone
                           firewall-cmd --list-all

3.To get the services currently allowed in the default zone
                           firewall-cmd --list-services
       or, to list every service definition firewalld knows about, whether allowed or not
                           firewall-cmd --get-services

4.To immediately block all network traffic (panic mode drops every incoming and outgoing packet, including your own SSH session, so only use it from the console)
                           firewall-cmd --panic-on
to turn panic mode off again
                            firewall-cmd --panic-off
to check whether panic mode is on
                            firewall-cmd --query-panic

5.As root, to customize a predefined service, copy its definition. A file in /etc/firewalld/services overrides the one shipped in /usr/lib/firewalld/services, and firewalld must be reloaded after you edit it.
                            cp /usr/lib/firewalld/services/service-name.xml /etc/firewalld/services/service-name.xml

6.In case of ports (port-type is tcp or udp; without --zone the change goes to the default zone)
                            firewall-cmd --list-ports
                            firewall-cmd --add-port=port-number/port-type
To make the new runtime setting persistent
                            firewall-cmd --runtime-to-permanent
to remove a port
                            firewall-cmd --remove-port=port-number/port-type

7.For zones
list the names of all zones
                            firewall-cmd --get-zones
show the settings of one zone
                            firewall-cmd --zone=zone-name --list-all
to display the default zone (the zone used for any interface not assigned to another zone)
                            firewall-cmd --get-default-zone



In the example below I add a service and a port number to the firewall to control external traffic, and then remove them again. The commands are the ones from steps 6 and 7; --runtime-to-permanent is what keeps the change after a reload.

how to remove service and port number on firewall

how to add the service and port number to firewall
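Steps 4 to 7 above and this add/remove section, typed out as one reusable script. This is an added example, not code from the original post or from the firewalld project. It assumes firewall-cmd is on PATH and is run as root, uses the zone public unless ZONE is set, and adds a DRY_RUN=1 mode that only prints the commands so they can be reviewed before they change a remote machine's firewall. The validation functions and the fw_* names are the editor's own.

```shell
#!/bin/sh
# Added example (not from the original post): wrap firewall-cmd so that every change
# is validated, applied to one named zone, and persisted with --runtime-to-permanent.
# Assumptions: firewall-cmd is on PATH and we run as root; ZONE defaults to "public".
# DRY_RUN=1 prints the commands instead of running them (review first when working over SSH).

FIREWALL_CMD="${FIREWALL_CMD:-firewall-cmd}"
ZONE="${ZONE:-public}"
DRY_RUN="${DRY_RUN:-0}"

# run: execute firewall-cmd with the given arguments, or just print the command line.
run() {
    if [ "$DRY_RUN" = "1" ]; then
        printf '%s\n' "$FIREWALL_CMD $*"
    else
        "$FIREWALL_CMD" "$@"
    fi
}

# valid_port: accept only "number/tcp" or "number/udp" with 1 <= number <= 65535.
# firewall-cmd rejects bad values itself, but checking here gives a clear error
# before anything is touched and catches a typo such as 8080/tpc or an empty port.
valid_port() {
    case "$1" in
        */tcp|*/udp) ;;
        *) return 1 ;;
    esac
    num="${1%/*}"
    case "$num" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$num" -ge 1 ] && [ "$num" -le 65535 ]
}

# valid_service: firewalld service names use letters, digits, "-" and "_" only.
valid_service() {
    case "$1" in
        ''|*[!A-Za-z0-9_-]*) return 1 ;;
    esac
}

# fw_add_port PORT/PROTO: open a port in $ZONE for the running config, then persist it.
fw_add_port() {
    valid_port "$1" || { echo "fw_add_port: invalid port spec '$1' (want e.g. 8080/tcp)" >&2; return 2; }
    run --zone="$ZONE" --add-port="$1" && run --runtime-to-permanent
}

# fw_remove_port PORT/PROTO: the reverse of fw_add_port, also persisted.
fw_remove_port() {
    valid_port "$1" || { echo "fw_remove_port: invalid port spec '$1'" >&2; return 2; }
    run --zone="$ZONE" --remove-port="$1" && run --runtime-to-permanent
}

# fw_add_service NAME / fw_remove_service NAME: the same for a named service (http, ssh, ...).
fw_add_service() {
    valid_service "$1" || { echo "fw_add_service: invalid service name '$1'" >&2; return 2; }
    run --zone="$ZONE" --add-service="$1" && run --runtime-to-permanent
}
fw_remove_service() {
    valid_service "$1" || { echo "fw_remove_service: invalid service name '$1'" >&2; return 2; }
    run --zone="$ZONE" --remove-service="$1" && run --runtime-to-permanent
}

# fw_show: which zones are active (have an interface or source bound) and what $ZONE allows.
fw_show() {
    run --get-active-zones
    run --zone="$ZONE" --list-all
}

# Demo: in dry-run mode, print the exact commands the steps in the post would issue.
if [ "$DRY_RUN" = "1" ]; then
    fw_add_service http
    fw_add_port 8080/tcp
    fw_remove_port 8080/tcp
    fw_remove_service http
    fw_show
fi
```

Run `DRY_RUN=1 sh fw.sh` to see the command lines without touching anything, or source the file and call the fw_* functions as root for the real change. Each function persists the change immediately, so the runtime and permanent configurations never drift apart, which is the usual cause of a port that "disappears" after a reboot.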

If we run the command
                          firewall-cmd --list-all-zones
we get all the available zones together with their settings and configuration. The predefined zones are:

block – All incoming network connections are rejected with an ICMP prohibited message. Only network connections initiated from within the system are possible.

dmz – Classic demilitarized zone (DMZ) that provides limited access to your LAN and only allows selected incoming ports.

drop – All incoming network connections are dropped without any reply, and only outgoing network connections are allowed.

external – Useful for router type of connections. You need LAN and WAN interfaces too for masquerading (NAT) to work correctly.

home – Useful for home computers such as laptops and desktops within your LAN where you trust the other computers. Allows only selected services.

internal – For use on internal networks when you mostly trust the other servers or computers on the LAN.

public – You do not trust any other computers and servers on the network. You only allow the required ports and services. For cloud servers or a server hosted at your place always use the public zone; it is also the default zone on a fresh install.

trusted – All network connections are accepted. Do not use this zone for dedicated servers or VMs connected to the WAN.

work – For use at your workplace where you trust your coworkers and other servers.


Each zone is printed with its target, interfaces, sources, services, ports and rich rules; a zone marked (active) is one that currently has an interface or source assigned to it, so those are the zones that actually shape the traffic reaching the machine.
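Reading the zone listing by eye is fine for one box; across several servers it is better checked automatically. The following audit is an added example, not part of the original post or of firewalld: it reads the text that firewall-cmd --list-all-zones prints, skips zones that are not active, and reports anything that widens exposure beyond an allowlist of services. The sample zone listing is constructed here so the script runs offline; the allowlist (ssh and dhcpv6-client unless ALLOWED_SERVICES is set) and the wording of the findings are the editor's own.

```shell
#!/bin/sh
# Added example (not from the original post): audit the output of
# `firewall-cmd --list-all-zones` for exposure beyond an allowlist of services.
# Only zones marked "(active)" have an interface or source bound, so only they are checked.
# ALLOWED_SERVICES is the editor's assumption of what a typical server should expose.

# audit_zones: read the zone listing on stdin, print one finding per line (none if clean).
audit_zones() {
    awk -v allow="${ALLOWED_SERVICES:-ssh dhcpv6-client}" '
    BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    # A line that is not indented starts a new zone: "public (active)" or just "work".
    /^[^ ]/ { zone = $1; active = ($0 ~ /\(active\)/); next }
    !active { next }
    /^  target:/     { if ($2 == "ACCEPT") printf "%s: target ACCEPT, every unmatched packet is allowed\n", zone }
    /^  services:/   { for (i = 2; i <= NF; i++) if (!($i in ok)) printf "%s: service %s not in allowlist\n", zone, $i }
    /^  ports:/      { for (i = 2; i <= NF; i++) printf "%s: raw port %s open\n", zone, $i }
    /^  masquerade:/ { if ($2 == "yes") printf "%s: masquerade (NAT) enabled\n", zone }
    '
}

# sample_zones: a constructed listing in the format firewall-cmd prints (not captured
# from a real host). public has an extra service and port added; trusted has been bound
# to eth1, which is the mistake the zone descriptions above warn against; work is inactive.
sample_zones() {
    cat <<'EOF'
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eth0
  sources:
  services: dhcpv6-client ssh http
  ports: 8080/tcp
  protocols:
  forward: yes
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:

trusted (active)
  target: ACCEPT
  icmp-block-inversion: no
  interfaces: eth1
  sources:
  services:
  ports:
  protocols:
  forward: yes
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:

work
  target: default
  icmp-block-inversion: no
  interfaces:
  sources:
  services: cockpit dhcpv6-client ssh
  ports:
  protocols:
  forward: yes
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
EOF
}

# Real use: firewall-cmd --list-all-zones | audit_zones
# Offline demo on the constructed sample:
sample_zones | audit_zones
```

On the constructed sample the audit reports the http service and the raw 8080/tcp port in public and the ACCEPT target of trusted, while cockpit in the inactive work zone is ignored because no interface is bound there. A raw port is reported even when it is intentional, because a port number says nothing about what is listening; defining a service for it documents the intent.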
                          





                            


