Here are a few sample commands to help you get a basic configuration of firewalld quickly and easily.
First we have to check if firewalld is installed on the system.
[root@sysonion]# systemctl status firewalld
Unit firewalld.service could not be found.
The service is not installed yet, so we install it now.
[root@sysonion]# yum install firewalld
After the installation the service can be started.
To make firewalld start automatically after every restart, we also "enable" the service.
[root@sysonion]# systemctl start firewalld.service
[root@sysonion]# systemctl enable firewalld.service
Create new zone and IP sources
[root@sysonion]# firewall-cmd --new-zone=novatec --permanent
#Reload so that the new permanent zone is loaded and can be used
[root@sysonion]# firewall-cmd --reload
#Set the default zone
[root@sysonion]# firewall-cmd --set-default-zone=novatec
#Add IP sources to your zone
[root@sysonion]# firewall-cmd --zone=novatec --add-source=172.16.128.0/18 --permanent
Add services to the zone
[root@sysonion]# firewall-cmd --zone=novatec --add-service=mdns --permanent
[root@sysonion]# firewall-cmd --zone=novatec --add-service=dns --permanent  #These two services are for DNS (for example, port 53)
[root@sysonion]# firewall-cmd --zone=novatec --add-service=dhcp --permanent
[root@sysonion]# firewall-cmd --zone=novatec --add-service=ssh --permanent
[root@sysonion]# firewall-cmd --reload  #Reload is necessary
Add ports to the zone
[root@sysonion]# firewall-cmd --zone=novatec --add-port=80/tcp --permanent
[root@sysonion]# firewall-cmd --zone=novatec --add-service=http --permanent
#Reload again so that the permanent changes take effect
[root@sysonion]# firewall-cmd --reload
Further useful commands
[root@sysonion]# firewall-cmd --get-active-zones  #Which zones are active at the moment
[root@sysonion]# firewall-cmd --zone=novatec --list-all  #All information about the zone
[root@sysonion]# firewall-cmd --get-default-zone  #What your default zone is at the moment
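
Added example, not part of the original post: settings added with --permanent are not active until --reload, and settings added without it disappear at the next reload, so it is worth comparing the two views of a zone. The script below parses the output of firewall-cmd --list-all; the function names and both sample outputs are constructed for illustration.

```sh
#!/bin/sh
# Added example: report drift between the runtime and the permanent
# configuration of a firewalld zone. Function names are hypothetical.

# Print the values of one field (sources, services, ports) from
# `firewall-cmd --list-all` output, one value per line.
zone_field() {   # $1 = list-all output, $2 = field name
    printf '%s\n' "$1" | awk -v f="$2" '
        { sub(/^[ \t]+/, "") }            # drop the indentation
        index($0, f ":") == 1 {           # exact field, not "source-ports"
            sub(/^[^:]*:/, "")
            for (i = 1; i <= NF; i++) print $i
        }'
}

# Compare both views and print one line per setting that differs.
zone_drift() {   # $1 = runtime output, $2 = permanent output
    for field in sources services ports; do
        rt=$(zone_field "$1" "$field")
        pm=$(zone_field "$2" "$field")
        for item in $pm; do
            printf '%s\n' "$rt" | grep -qxF -- "$item" ||
                echo "$field $item: permanent only, not active until --reload"
        done
        for item in $rt; do
            printf '%s\n' "$pm" | grep -qxF -- "$item" ||
                echo "$field $item: runtime only, lost on reload or reboot"
        done
    done
}

# Constructed sample output (not captured from a real host).
RUNTIME_SAMPLE='novatec (active)
  target: default
  sources: 172.16.128.0/18
  services: dhcp dns mdns ssh
  ports: 8080/tcp
  source-ports: '
PERMANENT_SAMPLE='novatec
  target: default
  sources: 172.16.128.0/18
  services: dhcp dns http mdns ssh
  ports: 80/tcp
  source-ports: '

zone_drift "$RUNTIME_SAMPLE" "$PERMANENT_SAMPLE"
# On a live system:
# zone_drift "$(firewall-cmd --zone=novatec --list-all)" \
#            "$(firewall-cmd --permanent --zone=novatec --list-all)"
```

An empty result means the running firewall matches what will be loaded after the next reload or reboot.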