Environment

  • Red Hat Enterprise Linux 7

Issue

  • How to configure firewalld in RHEL 7.

Resolution

  • The following commands are helpful for configuring the firewalld service.

1. To start, stop, or check the status of the firewalld service.

systemctl start firewalld.service

systemctl stop firewalld.service

systemctl status firewalld.service

2. To enable/disable the firewalld service at boot time.

To enable the firewalld service so that it starts at boot time.

systemctl enable firewalld

To disable the firewalld service so that it does not start at boot time.

systemctl disable firewalld

3. To list details of default and active zones.

firewall-cmd --get-default-zone

firewall-cmd --get-active-zones

firewall-cmd --list-all

4. To add/remove interfaces to zones.

To add the interface "eth1" to the "public" zone.

firewall-cmd --zone=public --change-interface=eth1

5. To list/add/remove services to zones.

To list available services.

firewall-cmd --get-services

To add the "samba" and "samba-client" services to a specific zone.

You may include the "--permanent" flag to make this change permanent.

firewall-cmd --zone=public --add-service=samba --add-service=samba-client --permanent

To list services configured in a specific zone.

firewall-cmd --zone=public --list-services

6. To list and add ports to the firewall.

firewall-cmd --list-ports

firewall-cmd --zone=public --add-port=5000/tcp

Note:

You may restart the network service, followed by the firewalld service.

systemctl restart network.service
systemctl restart firewalld.service
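
The steps above mix a permanent change (the samba services in step 5, added with --permanent) with a runtime-only change (port 5000/tcp in step 6); restarting firewalld.service drops runtime-only entries and activates permanent ones. The shell check below is an added example, not part of the original article: only_in and drift_report are hypothetical helper names, and the sample lists are constructed.

```shell
#!/bin/sh
# Added example: compare firewalld's runtime and permanent configuration.
# Lists are space-separated, as printed by --list-services / --list-ports.

# only_in A B: print each item of list A that is absent from list B.
# Matching is on whole space-delimited words, so "samba" is not
# mistaken for a match inside "samba-client".
only_in() {
    for item in $1; do
        case " $2 " in
            *" $item "*) ;;
            *) printf '%s\n' "$item" ;;
        esac
    done
}

# drift_report RUNTIME PERMANENT: one line per entry whose state changes
# when firewalld is restarted or reloaded; prints nothing when in sync.
drift_report() {
    for entry in $(only_in "$1" "$2"); do
        printf 'runtime-only (lost on restart): %s\n' "$entry"
    done
    for entry in $(only_in "$2" "$1"); do
        printf 'permanent-only (inactive until reload): %s\n' "$entry"
    done
}

# Constructed sample: the public zone after steps 5 and 6 above, before the
# restart. dhcpv6-client and ssh stand in for services already in the zone.
sample_runtime="dhcpv6-client ssh 5000/tcp"
sample_permanent="dhcpv6-client ssh samba samba-client"
drift_report "$sample_runtime" "$sample_permanent"

# On a live host, build the two lists from firewall-cmd instead:
#   rt="$(firewall-cmd --zone=public --list-services) $(firewall-cmd --zone=public --list-ports)"
#   pm="$(firewall-cmd --permanent --zone=public --list-services) $(firewall-cmd --permanent --zone=public --list-ports)"
#   drift_report "$rt" "$pm"
```

An empty report means the runtime and permanent lists agree, so a restart will not change which services and ports the zone allows.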

Root Cause

Verify that interfaces are added to the correct zones and that the specific services are allowed to provide access to the server while firewalld is running.