Firewalld Command - Useful firewall-cmd Examples (RHEL based)

 


Image Source: techmint

Useful firewall-cmd Examples 

(Source: thegreekdiary.com)



1. List all zones Use the following command to list information for all zones. Only partial output is displayed. 
firewall-cmd --list-all-zones
Output:

work
 target: default
 icmp-block-inversion: no
 interfaces:
 sources:
 services: dhcpv6-client ssh
 ports:
 protocols:
 masquerade: no
 forward-ports:
 sourceports:
 icmp-blocks:
 rich rules:

drop
 target: DROP
 icmp-block-inversion: no
 interfaces:
 sources:
 services:
 ports:
 protocols:
 masquerade: no forward-ports:
 sourceports:
 icmp-blocks:
 rich rules:
 .....


Public is the default zone set, if you do not change it. To check the currently set default zone use the below command:
firewall-cmd --get-default-zone
public


2. List allowed service and ports on the system To show currently allowed service on your system use the below command. 
firewall-cmd --list-services
dhcpv6-client ssh 



To list the ports that are open on your system: 
firewall-cmd --list-ports

You would normally see no ports listed here when you have just enabled the firewalld.

 

3. To Enable all the incoming ports for a service You can also open the required ports for a service by using the –add-seervice option.

To permit access by HTTP clients for the public zone: 
firewall-cmd --zone=public --add-service=http


success To list services that are allowed for the public zone: 
firewall-cmd --zone=work --list-services
dhcpv6-client http ssh 


Using this command only changes the Runtime configuration and does not update the configuration files. The following sequence of commands shows that configuration changes made in Runtime configuration mode are lost when the firewalld service is restarted: 
systemctl restart firewalld
firewall-cmd --zone=work --list-services
dhcpv6-client ssh



To make changes permanent, use the –permanent option.

Example: 
firewall-cmd --permanent --zone=public --add-service=http
success


Changes made in Permanent configuration mode are not implemented immediately.

Example: 
firewall-cmd --zone=work --list-services
dhcpv6-client ssh 


However, changes made in a Permanent configuration are written to configuration files.

Restarting the firewalld service reads the configuration files and implements the changes.

 Example: 
systemctl restart firewalld
firewall-cmd --zone=work --list-services
dhcpv6-client http ssh



4. Allow traffic on an incoming port The command below will open the port 2222 effective immediately, but will not persist across reboots: 
firewall-cmd --add-port=[YOUR PORT]/tcp

For example, to open TCP port 2222 : 
firewall-cmd --add-port=2222/tcp

The following command will create a persistent rule, but will not be put into effect immediately: 
firewall-cmd --permanent --add-port=[YOUR PORT]/tcp

For Example, to open TCP port 2222 : 
firewall-cmd --permanent --add-port=2222/tcp

To list the open ports, use the command :
firewall-cmd –-list-ports
2222/tcp



5. Start and stop firewalld service To start/stop/status firewalld service use the below commands: 
systemctl start firewalld.service
systemctl stop firewalld.service

To check the status of the firewalld service: 
systemctl status firewalld.service

Popular posts from this blog

How to redirect Drupal site from http to https?

Image
  Hello Guys, Today, We are going to see, how can we redirect our Drupal Site from http to https through .htaccess file with simple three lines of code. RewriteEngine On RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] In cases where the HTTPS/SSL connection is ended at the load balancer and all traffic is sent to instances on port 80, the following rule works to redirect non-secure traffic. RewriteEngine On RewriteCond %{HTTP:X-Forwarded-Proto} !https RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L] Ensure the mod_rewrite module is loaded. Source: Stackoverflow
Read more

How to deploy NODE.JS application on Ubuntu 16.04/18.04

Image
Hi Friends, Today, we are going to deploy NodeJS sample application from GITHUB so you have a basic idea, How can we deploy NodeJS application in Ubuntu 16.04/18.04 Requirement:  Installation of NodeJS  Installation of GIT (If not installed)  GITHUB Sample application URL – https://github.com/contentful/the-example-app.nodejs Step 1: Install the curl package  [If not already installed] sudo apt-get update sudo apt-get install curl -y Step 2: Add the NodeJS PPA for install the NodeJS curl -sL https://deb.nodesource.com/setup_8.x | sudo bash -     [PPA for Long Term Support (LTS) version] Step 3: Install the NodeJS package sudo apt-get install nodejs -y Step 4: Clone the repository to root directory sudo -i git clone https://github.com/contentful/the-example-app.nodejs.git Step 5: Now install the npm package from where package.json is – cd the-example-app.nodejs npm install Step 6: Now finally run the NodeJS application [this application will run on port 3000...
Read more

WordPress Themes and Plugins Installation Problem

Image
WordPress plugins and themes installation problem Step 1 – Add the following line at the end of wp-config.php file define( 'FS_METHOD' , 'direct' ); Step 2 – Give 777 recursive permission to wp-content folder chmod -R 777 wp-content Most probably, this will fix all the issues of yours. But in case, you have bought and theme and plugins from some website like themeforest of other site and your theme or size is more than the size mentioned in php.in file. Then you need to increase the size of followings – upload_max_size post_max_size max_execution_size etc. and restart the apache service OR Best Solution: Simply give www-data user to user and group onwership to website serving directory
Read more