Firewalld is a powerful and flexible firewall management tool for Linux systems. Install Firewalld to manage network traffic by controlling incoming and outgoing connections, helping protect your server from unauthorized access. Unlike traditional iptables, Firewalld simplifies firewall configuration by using zones and services, allowing for a more dynamic and user-friendly experience.
Firewalld is widely used on various Linux distributions, including CentOS, Fedora, and Ubuntu. Whether you’re managing a small personal server or a large-scale production environment, setting up a firewall is a crucial step in securing your system.
In this article, we covered how to install FirewallD on various Linux distributions.
Prerequisites
Before you start installing Firewalld, ensure that you have the following prerequisites:
- Linux Server: Firewalld supports a wide range of Linux distributions, including Debian, Ubuntu, CentOS, Fedora, and many others.
- Root Privileges: You need root or sudo access to install and configure Firewalld.
- Internet Access: An active internet connection is necessary to download the required packages during the installation process.
Check if Firewalld is Already Installed
Before proceeding with the installation, it’s important to check if Firewalld is already installed on your system. Many modern Linux distributions come with Firewalld pre-installed. To check if Firewalld is available, simply open your terminal and run the following command:
sudo firewall-cmd --version- If Firewalld is already installed, the command will return a version number (e.g.,
firewalld v0.6.3). - If it returns an error or no version, you’ll need to install Firewalld.
Install Firewalld on Linux
Installing Firewalld on Linux is an essential step in securing your server. Firewalld offers a dynamic and flexible firewall solution that simplifies the management of network traffic. Whether you’re using a personal or production server, Firewalld allows you to easily control incoming and outgoing connections, enhancing your system’s security.
Install Firewalld on Debian / Ubuntu
Install Firewalld on Debian / Ubuntu. First, update your package repository by running:
sudo apt update- Install Firewalld:
sudo apt install firewalldInstall Firewalld on CentOS / Fedora
On CentOS and Fedora, you can install Firewalld by running:
sudo yum install firewalldInstall Firewalld on Arch / Manjaro:
On Arch-based systems, use the following command:
sudo pacman -S firewalldInstall Firewalld on openSUSE
On openSUSE, install Firewalld with:
sudo zypper install firewalldStart and Enable Firewalld on Linux
Once Firewalld is installed, you’ll need to start it and enable it to start automatically on boot.
- To enable Firewalld to start at boot, run:
sudo systemctl enable firewalld- Start the Firewalld service:
sudo systemctl start firewalld- To check the status of Firewalld and ensure it’s running, use:
sudo firewall-cmd --stateThis should return running if Firewalld is active.
Configure Firewalld on Linux
Now that Firewalld is up and running, it’s time to configure it to allow essential services.
Allow Basic Services (e.g., HTTPS)
To open ports for services like HTTPS, use the following command:
sudo firewall-cmd --permanent --add-service=httpsThis command adds HTTPS to the allowed services list permanently. The --permanent flag ensures that the change persists after a system reboot.
Reload Firewalld
After adding or modifying services, you need to reload Firewalld to apply the changes:
sudo firewall-cmd --reloadVerify Open Services
To see which services are currently allowed by the firewall, run:
sudo firewall-cmd --list-servicesThis will display a list of open services (e.g., ssh, https, etc.).
Check Out | How to Turn Off the Firewall in Windows 10 and 11
Conclusion
You’ve successfully installed and configured Firewalld on your Linux server. By following these steps, you’ve taken an important step toward securing your system by controlling network traffic. By using Firewalld effectively, you’ll have a robust defense system in place to protect your Linux server from unwanted network traffic.