Subject: Configuring Firewalld on CentOS 7.9 2009 Linux Server
Good day from Singapore,
I had a chance to set up CentOS 7.9 2009 Linux on a Lenovo ThinkSystem SR550 (2U) server for a customer on 8 Jun 2021 Tuesday.
The hardware specifications of the server are as follows:

Lenovo ThinkSystem SR550 (2U) Server
=====================================
1x Intel Xeon Silver 4210R 10 Cores 100W 2.4 GHz Processor
1x ThinkSystem 16 GB TruDDR4 2933 MHz (2Rx8 1.2V) RDIMM
2x ThinkSystem 32 GB TruDDR4 2933 MHz (2Rx4 1.2V) RDIMM
1x ThinkSystem 8 GB TruDDR4 2933 MHz (1Rx8 1.2V) RDIMM
1x ThinkSystem RAID 530-8i PCIe 12Gb Adapter (RAID 0,1,5,10 - Zero Cache)
1x ThinkSystem 2U x16/x8 PCIe FH Riser 1
2x ThinkSystem 750W (230/115V) Platinum Hot-Swap Power Supply
1x 2.8 m, 13A/100-250V, C13 to C14 Jumper Cord
1x 2.8 m, 13A/100-250V, C13 to C14 Line Cord
1x ThinkSystem Toolless Slide Rail
2x Integrated 1 GbE RJ-45 ports
8x 2.5" HS Open HDD bays
Warranty: 3 Y P L, Onsite, 2Hr, 24x7
ThinkSystem XClarity Controller Standard to Advanced Upgrade
ThinkSystem XClarity Controller Advanced to Enterprise Upgrade
4x ThinkSystem 2.5" 2.4TB 10K SAS 12Gb Hot Swap 512e HDD (RAID 5)
2x ThinkSystem 2.5" 5300 960GB Entry SATA 6Gb Hot Swap SSD (RAID 1)

After completing the installation of CentOS 7.9 2009 Linux Server, I proceeded to install and configure Firewalld.
Firewalld is a frontend for the netfilter iptables firewall.

Installing Firewalld
====================
# yum install firewalld
# systemctl enable firewalld
# reboot

Checking if Firewalld is running
=================================
# firewall-cmd --state
Output:
running

Checking for default zone
=========================
# firewall-cmd --get-default-zone
Output:
public

Checking for active zone
========================
# firewall-cmd --get-active-zones
Output:
public
  interfaces: eno1

List all services of the active zone
====================================
# firewall-cmd --list-all
Output:
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eno1
  sources:
  services: dhcpv6-client ssh
  ports:
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:

Creating new zone
=================
# firewall-cmd --permanent --new-zone=custom
Output:
success

Listing all zones
=================
# firewall-cmd --permanent --get-zones
Output:
block custom dmz drop external home internal public trusted work

Restart Firewalld
=================
# firewall-cmd --reload
Output:
success

List all zones
==============
block custom dmz drop external home internal public trusted work

Assigning network interface to the new zone
===========================================
# firewall-cmd --zone=custom --change-interface=eno1
Output:
success

Open TCP port 22 for ssh
========================
# firewall-cmd --zone=custom --permanent --add-service=ssh
Output:
success

Restart Network and Firewalld
=============================
# systemctl restart network
# systemctl reload firewalld

Checking for active zone
=========================
# firewall-cmd --get-active-zones
Output:
public
  interfaces: eno1

Setting the default zone
========================
# firewall-cmd --set-default-zone=custom
Output:
success

Checking for default zone
=========================
# firewall-cmd --get-default-zone
Output:
custom

Checking for active zone
=========================
# firewall-cmd --get-active-zones
Output:
custom
  interfaces: eno1

Reboot the Linux Server
=======================
# reboot

Checking for default zone
==========================
# firewall-cmd --get-default-zone
Output:
custom

Checking for active zone
=========================
# firewall-cmd --get-active-zones
Output:
custom
  interfaces: eno1

Listing all services of active zone
====================================
# firewall-cmd --list-all
Output:
custom (active)
  target: default
  icmp-block-inversion: no
  interfaces: eno1
  sources:
  services: ssh
  ports:
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:

===END===

Reference Guide: How To Set Up a Firewall Using FirewallD on CentOS 7
Link: https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-us...

Mr. Turritopsis Dohrnii Teo En Ming, 43 years old as of 9 Jun 2021, is a TARGETED INDIVIDUAL living in Singapore. He is an IT Consultant with a System Integrator (SI)/computer firm in Singapore. He is an IT enthusiast.
firewalld-users@lists.fedorahosted.org
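
Added example (not part of the original post): a check that `firewall-cmd --list-all` output matches the end state the post arrives at, that is, zone "custom" active on eno1 with only ssh allowed. The helper name audit_zone and the sample strings are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. audit_zone is a hypothetical helper.
# Usage on a live host:
#   firewall-cmd --zone=custom --list-all | audit_zone custom eno1 "ssh"
# Reads --list-all output on stdin, prints one FAIL line per finding,
# and returns non-zero if there is any finding.
audit_zone() {
    awk -v zone="$1" -v ifc="$2" -v allowed="$3" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        NR == 1 {                       # header line: "<zone> (active)"
            if ($1 != zone)       { print "FAIL zone is " $1 ", expected " zone; bad = 1 }
            if ($2 != "(active)") { print "FAIL zone " $1 " is not active"; bad = 1 }
            next
        }
        $1 == "interfaces:" {
            seen_if = 1; found = 0
            for (i = 2; i <= NF; i++) if ($i == ifc) found = 1
            if (!found) { print "FAIL " ifc " not bound to zone"; bad = 1 }
        }
        $1 == "services:" {             # anything outside the allowlist is a finding
            for (i = 2; i <= NF; i++)
                if (!($i in ok)) { print "FAIL unexpected service " $i; bad = 1 }
        }
        $1 == "ports:" {                # raw port openings bypass the service allowlist
            for (i = 2; i <= NF; i++) { print "FAIL unexpected port " $i; bad = 1 }
        }
        END { if (!seen_if) { print "FAIL no interfaces line"; bad = 1 }; exit bad + 0 }
    '
}

# Constructed samples, abridged from the two --list-all outputs shown in the post.
sample_custom='custom (active)
  target: default
  interfaces: eno1
  services: ssh
  ports: 
  rich rules: '
sample_public='public (active)
  target: default
  interfaces: eno1
  services: dhcpv6-client ssh
  ports: 
  rich rules: '

printf '%s\n' "$sample_custom" | audit_zone custom eno1 "ssh" && echo "custom: OK"
printf '%s\n' "$sample_public" | audit_zone custom eno1 "ssh" || echo "public: findings above"
```

Running the same check after a reload and again after a reboot shows whether the interface binding and service list persisted.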