Firewalls on RHEL

Here’s the firewall configuration for RHEL 6 and below

 

Check the status for reboot persistence

chkconfig --list | grep iptables

 

Command to add a firewall rule that accepts traffic to port 22 from source 192.1.1.2

iptables -I INPUT 2 -p tcp --dport 22 -s 192.1.1.2 -j ACCEPT

 

Default location of iptables files 

/etc/sysconfig/iptables

 

Location of iptables configuration file

/etc/sysconfig/iptables-config

 

Stop & Start the iptables service

service iptables stop

service iptables start 

 

List all the iptables rules

service iptables status 

OR

iptables -L

 

Add iptables rule

iptables -A INPUT -p tcp -s 0.0.0.0/0 -m tcp --dport 20301 -j ACCEPT

 

Delete (drop) an iptables rule (the rule specification must match the rule that was added)

iptables -D INPUT -p tcp -s 0.0.0.0/0 -m tcp --dport 20301 -j ACCEPT

 

Save the currently running iptables to the file and system

service iptables save (it automatically overwrites /etc/sysconfig/iptables)

 

If you edited the iptables file and want to load it into the running firewall, use

iptables-restore < /etc/sysconfig/iptables

 

If you edited the iptables via commands and want to save it

service iptables save
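
Added example (not part of the original cheat sheet): a shell check that reads a ruleset in the /etc/sysconfig/iptables format and lists the ports whose INPUT ACCEPT rule has no source restriction, like the 0.0.0.0/0 rule for port 20301 above. The sample ruleset and the function names sample_rules and open_ports are constructed for illustration.

```shell
#!/usr/bin/env bash
# Audit an iptables-save style ruleset for INPUT ACCEPT rules open to any source.

# Constructed sample in the /etc/sysconfig/iptables format (not from a real host).
# A hand-edited file may spell out "-s 0.0.0.0/0"; "service iptables save"
# normally writes the same rule with no -s option at all. Both are handled.
sample_rules() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -s 192.1.1.2/32 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 20301 -j ACCEPT
-A INPUT -s 0.0.0.0/0 -p tcp -m tcp --dport 8080 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# Print the destination port of every INPUT rule that ACCEPTs traffic
# with no source restriction (no -s option, or -s 0.0.0.0/0).
# Reads the file given as argument, or stdin when called without one.
open_ports() {
  awk '
    $1 == "-A" && $2 == "INPUT" {
      src = ""; port = ""; target = ""
      for (i = 3; i <= NF; i++) {
        if ($i == "-s" || $i == "--source") src = $(i + 1)
        if ($i == "--dport")                port = $(i + 1)
        if ($i == "-j")                     target = $(i + 1)
      }
      if (target == "ACCEPT" && port != "" && (src == "" || src == "0.0.0.0/0"))
        print port
    }' "$@"
}

# Demo on the constructed sample. On a RHEL 6 host, run instead:
#   open_ports /etc/sysconfig/iptables
sample_rules | open_ports
```

Ports reported here are reachable from any address; restrict them with -s as in the port 22 rule if they should only serve known hosts.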

 
 
 
Here’s the firewall configuration for RHEL 7 and above
 
Check status & enable/disable firewall daemon
systemctl status firewalld
systemctl enable firewalld
systemctl disable firewalld
 
Get current firewall rules
firewall-cmd --get-default-zone
Use the resulting zone name as below
firewall-cmd --set-default-zone=home
firewall-cmd --get-active-zones
 
Check firewall daemon version
firewall-cmd --version
 
List all interfaces under a specific zone
firewall-cmd --zone=public --list-interfaces
 
Add/Remove interfaces under a specific zone
firewall-cmd --add-interface=eth0 --zone=public
firewall-cmd --remove-interface=eth0 --zone=public
 
Other helpful commands
firewall-cmd --get-services
firewall-cmd --permanent --get-services
firewall-cmd --panic-on (disable incoming and outgoing packets)
firewall-cmd --help
 
Install & open the firewall daemon GUI
yum install firewall-config firewalld-filesystem python3-firewall -y
firewall-config