环境
- Red Hat Enterprise Linux 7
问题
- How to configure firewalld in RHEL 7.
决议
- Follow are list of commands that would be helpful to configure Firewalld service.
1. To start/stop/status firewalld service
Raw
systemctl start firewalld.service
systemctl stop firewalld.service
systemctl status firewalld.service
2. To enable/disable firewalld service at boot time.
To enable firewalld service from starting at boot time.
Raw
systemctl enable firewalld
To disable firewalld service from starting at boot time.
Raw
systemctl disable firewalld
3. To list details of default and active zones.
Raw
firewall-cmd --get-default-zone
Raw
firewall-cmd --get-active-zones
Raw
firewall-cmd --list-all
4. To add/remove interfaces to zones.
To add interface "eth1" to "public" zone.
Raw
firewall-cmd --zone=public --change-interface=eth1
5. To list/add/remove services to zones.
To list available services
Raw
firewall-cmd --get-services
To add "samba and samba-client" service to a specific zone.
You may include, "permanent" flag to make this permanent change.
Raw
firewall-cmd --zone=public --add-service=samba --add-service=samba-client --permanent
To list services configured in a specific zone.
Raw
firewall-cmd --zone=public --list-service
6. To list and Add ports to firewall.
Raw
firewall-cmd --list-ports
firewall-cmd --zone=public --add-port=5000/tcp
Note:
You may restart the Network service followed by Firewall server.
Raw
systemctl restart network.service
systemctl restart firewalld.service
根源
Verify interfaces are added to correct zones and specific services are allowed to provide
access to server while firewalld is running.