
Creating firewalld Rules

Hands-On Lab

 


Length: 00:30:00

Difficulty: Beginner

In this lab, we will be installing firewalld and creating firewall rules to permit HTTP and HTTPS traffic in the default zone. Then, we'll check to make sure the rules have applied.


Introduction


Log in via SSH to the public IP address provided, using the username and password provided on the lab page.

Install firewalld

Run the following command:

sudo apt-get install firewalld

Identify the Default Zone of firewalld

Use the following command to identify which zone is the default zone.

sudo firewall-cmd --get-default-zone

Create Firewall Rules

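These rules need to take effect immediately without restarting the firewalld service, and they also need to survive a reboot. A command without the --permanent flag changes only the running (runtime) configuration, while a command with --permanent changes only the saved configuration that is loaded at the next reload or reboot. This means we must enter two rules for each service: one with the --permanent flag, and one without.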

Enter:

sudo firewall-cmd --zone=public --add-service=http --permanent
sudo firewall-cmd --zone=public --add-service=http
sudo firewall-cmd --zone=public --add-service=https --permanent
sudo firewall-cmd --zone=public --add-service=https
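The introduction says we will check that the rules have applied. The following script is an added example, not part of the original lab: it lists the services in both the runtime and the permanent configuration and reports any that are missing from either. The names FWCMD, missing_from and check_zone are introduced here for illustration.

```sh
#!/bin/sh
# Added example (not from the lab): confirm the lab's rules exist in BOTH
# the runtime and the permanent firewalld configuration.
# FWCMD is an assumption of this example; it lets a test substitute a stub.
FWCMD="${FWCMD:-firewall-cmd}"

# missing_from "<required>" "<present>": print the required services absent
# from the space-separated list that firewall-cmd --list-services returns.
missing_from() (
    out=""
    for svc in $1; do
        case " $2 " in
            *" $svc "*) ;;                 # whole-word match: "https" is not "http"
            *) out="$out $svc" ;;
        esac
    done
    echo "${out# }"
)

# check_zone <zone> <service...>
# Exit status: 0 = present in both configurations, 1 = missing somewhere,
# 2 = firewall-cmd itself failed (not installed, not running, not root).
check_zone() (
    zone=$1; shift; required="$*"; rc=0
    runtime=$("$FWCMD" --zone="$zone" --list-services) || exit 2
    permanent=$("$FWCMD" --permanent --zone="$zone" --list-services) || exit 2

    m=$(missing_from "$required" "$runtime")
    [ -z "$m" ] || { echo "runtime config missing: $m (not active now)"; rc=1; }

    m=$(missing_from "$required" "$permanent")
    [ -z "$m" ] || { echo "permanent config missing: $m (lost on reload or reboot)"; rc=1; }

    [ "$rc" -ne 0 ] || echo "zone $zone: $required allowed in runtime and permanent config"
    exit "$rc"
)

# On the lab host, as root, check the zone reported as the default:
#   check_zone "$("$FWCMD" --get-default-zone)" http https
```

A "permanent config missing" result means a rule was added without its --permanent counterpart, so it would disappear at the next reload or reboot.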

Conclusion

Congratulations on completing this lab!