What is Firewall

To guard against undesired traffic and unlawful access to our system, a virtual wall is a feature of security systems. Under Linux OS, network traffic (inbound and outgoing connections) is monitored and controlled by the Linux Firewall security mechanism. The usage of ports—virtual locations where network connections start and stop—different IP addresses, specific subnets, and services can all be blocked using it. To keep the firewall policies up to date, we use a daemon named Firewalld. A firewall is a dynamically controlled firewall utility that runs on Linux systems and may be modified in real-time in response to changes in the network climate.

Like other operating systems, Linux has various advantages regarding firewalls that improve system and network security. These are some of the main benefits of utilizing a firewall in Linux.

3 Benefits Firewall

1 Security of Networks:
Firewalls regulate both inbound and outbound network traffic by acting as a barrier between your computer and the external network. This shields your system from different network-based threats and aids in preventing unauthorized access.

2 Port Sifting:
Specific ports can be used by firewalls to filter traffic. This is essential in order to grant or deny access to particular services. You can, for instance, leave other ports closed and open port 80 for HTTP or port 22 for SSH.

3 Access Control:
You can manage which ports on your system are open or closed with the help of firewalls. This is necessary to restrict access to particular services and stop illegal connections to important ports.

4 Translation of network addresses (NAT):
* Lock Down Internal IP Addresses: By concealing the internal network architecture, firewalls with NAT capabilities can add an additional degree of protection by hiding internal IP addresses.

5 Policies for Security:
By enabling the implementation of security rules, firewalls assist enterprises in adhering to regulatory obligations and best practices.

6 Community Support for Open Source Software:
Numerous open-source Linux firewalls are made possible by the contributions of a sizable and vibrant community. This guarantees frequent upgrades, bug patches, and enhancements, boosting the firewall software’s overall security.

7 The policy of default denial:
A “default deny” policy is commonly used by firewalls, which means that only expressly allowed traffic is allowed and all other traffic is refused by default. By doing this, you can lower the chance of unwanted access and lessen the attack surface.

8 Rules according to Users and Groups:
Rules can be applied by firewalls based on the permissions of individual users or groups. This is especially helpful in multi-user environments where users may demand different types of network access.

9 Defence Against Malware:
Not only can firewalls stop malware from connecting to command and control sites, but they can also stop communication with known malicious IP addresses. Against different kinds of cyber threats, this provides an additional line of security.

10 Compliance Requirements:
As part of an all-encompassing security plan, the usage of firewalls is encouraged or required by numerous regulatory requirements and best practices. Organizations can improve overall security posture and meet compliance requirements by implementing a firewall.

In conclusion, firewalls are essential for safeguarding Linux systems since they manage network traffic, stop illegal access, and act as a barrier against different online threats. They greatly enhance the general security of the machine and the network to which it is linked when set correctly.

3 How to use a firewall

1 You can use the following to install it if it isn’t already:

yum install firewalld

2 Verify the Status of the Firewall:

Make sure your system has a firewall installed and operating. You can use the following command to see its status:

systemctl status firewalld

3 Firewalld: Start, Stop, or Restart:
The firewalled service can be started, stopped, or restarted with the following commands:

systemctl start firewalld # Start the firewall
systemctl stop firewalld # Stop the firewall
systemctl restart firewalld # Restart the firewall

4 Turn on Firewalld during boot up:
To make sure the firewall launches automatically when the system boots up, execute:

 systemctl enable firewalld

5 Basic commands for firewalls:
For a list of available zones:

firewall-cmd --get-zones

To obtain the working zone:

firewall-cmd --get-active-zones

6 Setting up Zones:
Zones are used by firewalls to indicate the degree of trust for network connections. Work, home, and public are the default zones. An interface can be linked to a zone by using:

firewall-cmd --zone=public --change-interface=ens160

7 Accessible Ports:
The –add-port option can be used to open a specific port. To enable HTTP on port 80, for instance:

firewall-cmd --permanent --zone=public --add-port=80/tcp

firewall-cmd --reload

The rule is made permanent with the –permanent flag and modifications are applied without restarting the firewall using the –reload option.

8 Permitting Services:
Rather than opening each port individually, you can permit certain services. To enable SSH, for instance:

firewall-cmd --permanent --zone=public --add-service=ssh

firewall-cmd --reload

9 Ports and Services Being Blocked:
The –remove-port and –remove-service options can be used to block a port or service.

firewall-cmd --permanent --zone=public --remove-port=80/tcp

firewall-cmd --reload

10 Rules for Viewing.
Here is where you may see the current rules:

firewall-cmd --list-all

The active zone’s rules are displayed by this command.

Don’t forget to modify the instructions according to your unique needs and network configuration. The above examples are meant to be illustrative; based on your use case, they might need to be modified. To prevent unintentionally locking yourself out of the system, exercise caution whenever configuring firewalls.