Firewall & Security
Firewalls are a critical component of network security. They act as a barrier between a trusted internal network and untrusted external networks, such as the internet.
firewalld Zones
firewalld is a firewall management tool for Linux. It uses the concept of zones to manage traffic. A zone is a set of rules that determines what traffic is allowed or denied.
Some of the predefined zones in firewalld include:
- public: For use in public areas. You do not trust the other computers on networks to not harm your computer.
- trusted: All network connections are accepted.
- home: For use in home areas. You mostly trust the other computers on networks to not harm your computer.
- internal: For use on internal networks. You mostly trust the other computers on the networks to not harm your computer.
- dmz: For computers in your demilitarized zone that are publicly-accessible with limited access to your internal network.
Common Rules (ssh, http, https)
You can use the firewall-cmd command to manage firewalld rules.
- Allow SSH traffic:
  sudo firewall-cmd --zone=public --add-service=ssh --permanent
- Allow HTTP and HTTPS traffic:
  sudo firewall-cmd --zone=public --add-service=http --permanent
  sudo firewall-cmd --zone=public --add-service=https --permanent
- Reload the firewall to apply the changes (rules added with --permanent are not active until the reload):
  sudo firewall-cmd --reload
How to Check Open Ports and Services
- List all open ports and services (the full configuration of the default zone):
  sudo firewall-cmd --list-all
- Check if a specific port is open:
  sudo firewall-cmd --zone=public --query-port=80/tcp
- Check if a specific service is enabled:
  sudo firewall-cmd --zone=public --query-service=ssh
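The two sections above (adding the ssh/http/https rules, then querying what is open) combine naturally into one idempotent audit script. The script below is an added example, not part of the original page or of the firewalld project: it only adds a service when --query-service says it is missing, reloads, and then compares the zone's enabled services against an allowlist so that anything else that has been opened stands out. The FIREWALL_CMD variable, the ALLOWED/ZONE defaults, the function names and the file name firewall_audit.sh in the run guard are all assumptions of this example; it expects a real firewall-cmd on the host when run directly.

```shell
#!/bin/sh
# Audit and enforce a minimal firewalld service set for one zone.
# Example script (not from the page); assumes firewall-cmd is installed.
# FIREWALL_CMD may point at a wrapper or fake for dry runs and tests.
set -u

ZONE="${ZONE:-public}"
ALLOWED="${ALLOWED:-ssh http https}"   # constructed allowlist for this example

# fw: run firewall-cmd (or whatever FIREWALL_CMD names) with the given args.
fw() { "${FIREWALL_CMD:-firewall-cmd}" "$@"; }

# valid_port_spec: return 0 if $1 looks like <1-65535>/tcp or <1-65535>/udp,
# the form --query-port and --add-port expect.
valid_port_spec() {
    case "$1" in
        */tcp|*/udp) ;;
        *) return 1 ;;
    esac
    _port="${1%/*}"
    case "$_port" in
        ''|*[!0-9]*) return 1 ;;   # empty or non-numeric
    esac
    [ "$_port" -ge 1 ] && [ "$_port" -le 65535 ]
}

# unexpected_services: print each service enabled in $ZONE that is not
# in $ALLOWED, one per line (empty output means no drift).
unexpected_services() {
    # shellcheck disable=SC2046  # word splitting of the service list is intended
    for svc in $(fw --zone="$ZONE" --list-services); do
        case " $ALLOWED " in
            *" $svc "*) ;;
            *) echo "$svc" ;;
        esac
    done
}

# ensure_service: add $1 to $ZONE permanently only if it is not already
# enabled, so repeated runs do not churn the configuration.
ensure_service() {
    if fw --zone="$ZONE" --query-service="$1" >/dev/null 2>&1; then
        echo "already enabled: $1"
    else
        fw --zone="$ZONE" --add-service="$1" --permanent
        echo "added: $1"
    fi
}

# audit_zone: fail (return 1) when services outside the allowlist are enabled.
audit_zone() {
    _extra=$(unexpected_services)
    if [ -n "$_extra" ]; then
        echo "unexpected services in zone $ZONE: $_extra" >&2
        return 1
    fi
    echo "zone $ZONE matches allowlist: $ALLOWED"
}

main() {
    for svc in $ALLOWED; do ensure_service "$svc"; done
    fw --reload            # --permanent changes only take effect after a reload
    audit_zone
}

# Run main only when executed as firewall_audit.sh, not when sourced.
case "${0##*/}" in
    firewall_audit.sh) main "$@" ;;
esac
```

Save it as firewall_audit.sh and run it with sudo; a non-zero exit means the zone has services enabled beyond the allowlist, which is the condition a periodic check should alert on. Because fw goes through FIREWALL_CMD, the same functions can be exercised against a fake firewall-cmd without touching a live host.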