FirewallD is a dynamic firewall manager for Linux systems that provides an easy way to configure and manage firewall rules. Unlike traditional tools like iptables, FirewallD uses zones and services to simplify security management while still offering powerful customization options. It is widely used in production environments for its flexibility and ability to apply rules without requiring a full restart, making it simple to create FirewallD configurations tailored to different network needs.

In this article, we’ll cover how to set up FirewallD on a Linux server from scratch. We’ll start with installation, move into configuration, explain how to manage FirewallD services, work with zones and rules, enhance server security, and troubleshoot common issues. By the end, you’ll have a fully functional and secure firewall setup on your Linux machine.
Prerequisites
Before you begin the installation process, it’s important to prepare your server. Having the right prerequisites ensures smooth deployment and reduces the chance of errors.
- A Linux server running CentOS, RHEL, Fedora, or Ubuntu
- A user account with sudo privileges
- Access to the internet for installing packages
- Basic understanding of Linux command-line operations
With these in place, you’re ready to set up FirewallD on your server.
Install FirewallD on Linux
FirewallD is available in most Linux distributions by default, but if not installed, you can add it easily.
- Updating Your System
It’s always a good practice to update your system before installing new software.
sudo apt update && sudo apt upgrade -y # Ubuntu/Debian
sudo yum update -y # CentOS/RHEL
- Installing FirewallD
Now, install the FirewallD package using your distribution’s package manager.
sudo apt install firewalld -y # Ubuntu/Debian
sudo yum install firewalld -y # CentOS/RHEL
- Starting and Enabling FirewallD
Once installed, start FirewallD and enable it to launch at boot.
sudo systemctl start firewalld
sudo systemctl enable firewalld
- Verifying Installation
Check the status of FirewallD to ensure it is running correctly.
sudo systemctl status firewalld
If you see an active (running) message, FirewallD is successfully installed.
Configuring FirewallD on Linux
After installation, the next step is configuring FirewallD to control traffic effectively. Configuration is based on zones and services that allow or restrict traffic.
Zones
Zones define trust levels for network connections. Common zones include:
- Public: Default zone for untrusted networks.
- Home/Work: More permissive, suitable for private networks.
- DMZ: Allows limited access for public-facing services.
- Trusted: Permits all traffic.
You can view active zones using:
firewall-cmd --get-active-zones
- Adding Services to Zones
Services like SSH, HTTP, or HTTPS can be allowed through specific zones.
For example, to allow SSH:
sudo firewall-cmd --zone=public --add-service=ssh --permanent
sudo firewall-cmd --reload
- Allowing Ports
Sometimes you may want to open custom ports.
For example, allowing port 8080:
sudo firewall-cmd --zone=public --add-port=8080/tcp --permanent
sudo firewall-cmd --reload
This flexibility makes FirewallD powerful for different networking needs.
Managing FirewallD Services on Linux
Managing FirewallD services involves starting, stopping, reloading, and checking status. These commands help keep your firewall rules updated and effective.
- Start FirewallD
sudo systemctl start firewalld
- Stop FirewallD
sudo systemctl stop firewalld
- Restart FirewallD
sudo systemctl restart firewalld
- Reload Rules without Restart
sudo firewall-cmd --reload
- Check FirewallD Status
sudo firewall-cmd --state
These commands are essential for maintaining smooth operation.
Enhancing Security with FirewallD
A firewall’s main purpose is to secure your server. FirewallD offers several features to strengthen your security posture.
- Use Zones Wisely: Assign the right zone based on the trust level of the network.
- Restrict Unnecessary Services: Only open ports/services that are essential.
- Block Specific IPs: Use rich rules to block malicious IP addresses.
sudo firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="192.168.1.100" reject'
sudo firewall-cmd --reload
- Enable Logging: Track dropped packets to identify suspicious activity.
sudo firewall-cmd --set-log-denied=all
With these configurations, you can protect your Linux server from unauthorized access.
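To make the denied-packet logging above useful, the kernel log lines it produces need to be aggregated. The following is an added example, not part of the original article: the sample log lines are constructed, the function names are hypothetical, and it assumes the log prefixes end in `_REJECT:` or `_DROP:` (for example `FINAL_REJECT:`).

```bash
#!/usr/bin/env bash
# Added example: summarise packets logged after `--set-log-denied=all`.
# On a live host the input would come from the kernel log (journalctl -k).

# Constructed sample kernel log lines (documentation address ranges).
sample_log() {
cat <<'EOF'
Mar 10 12:00:01 srv kernel: FINAL_REJECT: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TTL=52 PROTO=TCP SPT=51514 DPT=23 SYN
Mar 10 12:00:02 srv kernel: FINAL_REJECT: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TTL=52 PROTO=TCP SPT=51520 DPT=23 SYN
Mar 10 12:00:03 srv kernel: FINAL_REJECT: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TTL=52 PROTO=TCP SPT=51533 DPT=3389 SYN
Mar 10 12:00:09 srv kernel: STATE_INVALID_DROP: IN=eth0 OUT= SRC=198.51.100.20 DST=192.0.2.10 LEN=40 TTL=49 PROTO=TCP SPT=443 DPT=40112 ACK
Mar 10 12:00:11 srv kernel: usb 1-1: new high-speed USB device number 2
Mar 10 12:00:15 srv kernel: FINAL_REJECT: IN=eth0 OUT= SRC=198.51.100.99 DST=192.0.2.10 LEN=84 TTL=55 PROTO=ICMP TYPE=8 CODE=0
EOF
}

# Reads log lines on stdin; prints "<count> <src> <proto>/<dport>" per
# distinct source and destination port, highest count first.
# Packets without a destination port (such as ICMP) are shown as "<proto>/-".
summarize_denied() {
  awk '
    /_(REJECT|DROP): / {
      src = proto = dpt = ""
      for (i = 1; i <= NF; i++) {
        if ($i ~ /^SRC=/)   src   = substr($i, 5)
        if ($i ~ /^PROTO=/) proto = tolower(substr($i, 7))
        if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
      }
      if (src != "") hits[src " " proto "/" (dpt == "" ? "-" : dpt)]++
    }
    END { for (k in hits) print hits[k], k }
  ' | LC_ALL=C sort -k1,1nr -k2
}

# Prints every source address with at least $1 denied packets in total.
noisy_sources() {
  summarize_denied | awk -v min="$1" '
    { total[$2] += $1 }
    END { for (s in total) if (total[s] >= min) print s }
  ' | LC_ALL=C sort
}

sample_log | summarize_denied
```

Sources that `noisy_sources` reports repeatedly are candidates for the rich-rule block shown earlier in this section.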
Working with FirewallD Zones in Detail
Zones are the core concept of FirewallD, so understanding them well is crucial. Each network interface is assigned to a zone, and each zone has different rules.
- Listing All Zones
firewall-cmd --list-all-zones
- Assigning an Interface to a Zone
sudo firewall-cmd --zone=public --change-interface=eth0 --permanent
sudo firewall-cmd --reload
- Checking Services Allowed in a Zone
firewall-cmd --zone=public --list-all
This granularity gives you precise control over your server’s network exposure.
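One way to check a zone against the "only open what is essential" rule is to compare the `--list-all` output with an explicit allow-list. This is an added example, not code from the original article: the sample zone output is constructed and the function names are hypothetical.

```bash
#!/usr/bin/env bash
# Added example: flag services and ports that are open in a zone but are
# not on an allow-list.

# Constructed sample of `firewall-cmd --zone=public --list-all` output.
sample_zone() {
cat <<'EOF'
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eth0
  sources:
  services: cockpit dhcpv6-client ssh
  ports: 8080/tcp
  protocols:
  forward: no
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
    rule family="ipv4" source address="192.168.1.100" reject
EOF
}

# Reads --list-all output on stdin.
#   $1 = allowed services, $2 = allowed ports (both space-separated).
# Prints one "service:<name>" or "port:<spec>" line for every entry that is
# open in the zone but missing from the allow-list; prints nothing if clean.
unexpected_exposure() {
  awk -v svc="$1" -v prt="$2" '
    BEGIN {
      n = split(svc, a, " "); for (i = 1; i <= n; i++) ok["service:" a[i]] = 1
      n = split(prt, a, " "); for (i = 1; i <= n; i++) ok["port:" a[i]] = 1
    }
    # Exact match on the first field, so "forward-ports:" and
    # "source-ports:" are not mistaken for the "ports:" line.
    $1 == "services:" || $1 == "ports:" {
      kind = ($1 == "services:") ? "service" : "port"
      for (i = 2; i <= NF; i++) {
        key = kind ":" $i
        if (!(key in ok)) print key
      }
    }
  '
}

# Allow-list here: SSH and DHCPv6 client only, no extra ports.
sample_zone | unexpected_exposure "dhcpv6-client ssh" ""
```

On a live server, pipe `firewall-cmd --zone=public --list-all` into `unexpected_exposure` instead of the sample.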
Common Issues and Fixes in FirewallD
Even though FirewallD is user-friendly, issues may arise during configuration. Here are common problems and their solutions.
- FirewallD Service Not Starting
- Ensure the package is installed properly.
- Check logs with journalctl -xe.
- Rules Not Applying After Reboot
- Always use the --permanent option before reloading.
- Connectivity Issues After Enabling Firewall
- Verify that essential services like SSH are allowed.
- Temporarily stop FirewallD to confirm if it’s blocking connections.
- Zone Misconfiguration
- Double-check active zones and assigned interfaces.
By identifying these problems early, you can fix FirewallD issues in Linux and maintain stable operations.
FAQs: Create FirewallD on Linux Server
How do I set up FirewallD on a Linux server?
To set up FirewallD on a Linux server, install the FirewallD package, start the service, and configure zones and rules. This allows you to manage network traffic and secure your server effectively.
What are the advantages of using FirewallD over iptables?
FirewallD offers a simpler and more flexible approach by using zones and services instead of complex rule sets. It also allows changes without restarting, making it ideal for production environments that require uptime and adaptability.
How can I secure my Linux server using FirewallD?
You can secure your server by assigning zones to network interfaces, restricting unnecessary ports, enabling only required services, and applying rich rules. Regular monitoring and updating rules ensure strong and reliable firewall protection.
Conclusion
FirewallD is a modern and flexible firewall management tool for Linux servers. Unlike traditional methods, it provides an easier way to apply security rules dynamically without downtime.
In this guide, we explored the entire process of setting up FirewallD on a Linux server, from installation and configuration to managing services, working with zones, enhancing security, and troubleshooting common issues.
By following these steps, you can ensure that your server remains secure, resilient, and optimized for both performance and protection. For more, visit the official FirewallD documentation.