[UPDATE 1] Configuring Firewalld on CentOS 7.9 2009 Linux Server
Good day from Singapore,
I had a chance to set up CentOS 7.9 2009 Linux on a Lenovo ThinkSystem SR550 (2U) server for a customer on 8 Jun 2021 Tuesday.
The hardware specifications of the server are as follows:
Lenovo ThinkSystem SR550 (2U) Server
=====================================
1x Intel Xeon Silver 4210R 10 Cores 100W 2.4 GHz Processor
1x ThinkSystem 16 GB TruDDR4 2933 MHz (2Rx8 1.2V) RDIMM
2x ThinkSystem 32 GB TruDDR4 2933 MHz (2Rx4 1.2V) RDIMM
1x ThinkSystem 8 GB TruDDR4 2933 MHz (1Rx8 1.2V) RDIMM
1x ThinkSystem RAID 530-8i PCIe 12Gb Adapter (RAID 0,1,5,10 - Zero Cache)
1x ThinkSystem 2U x16/x8 PCIe FH Riser 1
2x ThinkSystem 750W (230/115V) Platinum Hot-Swap Power Supply
1x 2.8 m, 13A/100-250V, C13 to C14 Jumper Cord
1x 2.8 m, 13A/100-250V, C13 to C14 Line Cord
1x ThinkSystem Toolless Slide Rail
2x Integrated 1 GbE RJ-45 ports
8x 2.5" HS Open HDD bays
Warranty: 3 Y P L, Onsite, 2Hr, 24x7
ThinkSystem XClarity Controller Standard to Advanced Upgrade
ThinkSystem XClarity Controller Advanced to Enterprise Upgrade
4x ThinkSystem 2.5" 2.4TB 10K SAS 12Gb Hot Swap 512e HDD (RAID 5)
2x ThinkSystem 2.5" 5300 960GB Entry SATA 6Gb Hot Swap SSD (RAID 1)
After completing the installation of CentOS 7.9 2009 Linux Server, I proceeded to install and configure Firewalld.
Firewalld is a frontend for the netfilter iptables firewall.
Installing Firewalld
====================
# yum install firewalld
# systemctl enable firewalld
# reboot
Checking if Firewalld is running
=================================
# firewall-cmd --state
Output:
running
Checking for default zone
=========================
# firewall-cmd --get-default-zone
Output:
public
Checking for active zone
========================
# firewall-cmd --get-active-zones
Output:
public
  interfaces: eno1
List all services of the active zone
====================================
# firewall-cmd --list-all
Output:
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eno1
  sources:
  services: dhcpv6-client ssh
  ports:
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
Creating new zone
=================
# firewall-cmd --permanent --new-zone=custom
Output:
success
Listing all zones
=================
# firewall-cmd --permanent --get-zones
Output:
block custom dmz drop external home internal public trusted work
Restart Firewalld
=================
# firewall-cmd --reload
Output:
success
List all zones
==============
# firewall-cmd --get-zones
Output:
block custom dmz drop external home internal public trusted work
Assigning network interface to the new zone
===========================================
# firewall-cmd --zone=custom --change-interface=eno1
Output:
success
Open TCP port 22 for ssh
========================
# firewall-cmd --zone=custom --permanent --add-service=ssh
Output:
success
Restart Network and Firewalld
=============================
# systemctl restart network
# systemctl reload firewalld
Checking for active zone
=========================
# firewall-cmd --get-active-zones
Output:
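public
  interfaces: eno1
The interface is still in the public zone at this point: the --change-interface command above was run without --permanent, so the change was runtime-only and did not survive the network restart and firewalld reload.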
Setting the default zone
========================
# firewall-cmd --set-default-zone=custom
Output:
success
Checking for default zone
=========================
# firewall-cmd --get-default-zone
Output:
custom
Checking for active zone
=========================
# firewall-cmd --get-active-zones
Output:
custom
  interfaces: eno1
Reboot the Linux Server
=======================
# reboot
Checking for default zone
==========================
# firewall-cmd --get-default-zone
Output:
custom
Checking for active zone
=========================
# firewall-cmd --get-active-zones
Output:
custom
  interfaces: eno1
Listing all services of active zone
====================================
# firewall-cmd --list-all
Output:
custom (active)
  target: default
  icmp-block-inversion: no
  interfaces: eno1
  sources:
  services: ssh
  ports:
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
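The post-reboot check above can be scripted so that any drift from the intended state is reported. The following is an added example, not part of the original post: it parses the output of firewall-cmd --list-all and flags a wrong or inactive zone, a missing interface binding, any service outside an allowlist, and any open port. The names audit_zone, sample_public and sample_custom are assumptions, and the sample text is abridged from the outputs shown in this post.

```bash
#!/usr/bin/env bash
# Added example (not from the original post). audit_zone and the sample_*
# helpers are hypothetical names; the sample text is abridged from the
# `firewall-cmd --list-all` outputs shown in the post.

# audit_zone ZONE IFACE "ALLOWED SERVICES" < output of `firewall-cmd --list-all`
# Prints one finding per line; returns 0 when the zone matches expectations.
audit_zone() {
    local allowed=" $3 " zone="" active=no ifaces="" services="" ports=""
    local rc=0 line key val svc
    while read -r line; do                 # read trims the leading indentation
        [ -n "$line" ] || continue
        if [ -z "$zone" ]; then            # header line, e.g. "custom (active)"
            zone=${line%% *}
            case $line in *"(active)"*) active=yes ;; esac
            continue
        fi
        key=${line%%:*}; val=${line#*:}; val=${val# }
        case $key in
            interfaces) ifaces=" $val " ;;
            services)   services=$val ;;
            ports)      ports=$val ;;
        esac
    done
    [ "$zone" = "$1" ] || { echo "zone is '$zone', expected '$1'"; rc=1; }
    [ "$active" = yes ] || { echo "zone '$zone' is not active"; rc=1; }
    case $ifaces in *" $2 "*) ;; *) echo "interface $2 not in zone"; rc=1 ;; esac
    for svc in $services; do               # every exposed service must be allowed
        case $allowed in *" $svc "*) ;; *) echo "unexpected service: $svc"; rc=1 ;; esac
    done
    [ -z "$ports" ] || { echo "unexpected open ports: $ports"; rc=1; }
    return $rc
}

# Sample inputs, abridged from the outputs in the post.
sample_public() { printf '%s\n' 'public (active)' '  target: default' \
    '  interfaces: eno1' '  sources: ' '  services: dhcpv6-client ssh' '  ports: '; }
sample_custom() { printf '%s\n' 'custom (active)' '  target: default' \
    '  interfaces: eno1' '  sources: ' '  services: ssh' '  ports: '; }

# Before the change the audit reports findings; after it, none.
sample_public | audit_zone custom eno1 "ssh" || echo "-> public zone fails the audit"
sample_custom | audit_zone custom eno1 "ssh" && echo "-> custom zone passes"
# On the server: firewall-cmd --list-all | audit_zone custom eno1 "ssh"
```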
===END===
Reference Guide: How To Set Up a Firewall Using FirewallD on CentOS 7
Link: https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-using-firewalld-on-centos-7
Mr. Turritopsis Dohrnii Teo En Ming, 43 years old as of 13 Jun 2021, is a TARGETED INDIVIDUAL living in Singapore. He is an IT Consultant with a System Integrator (SI)/computer firm in Singapore. He is an IT enthusiast.