Creating firewalld Rules

Hands-On Lab

 


Bob Salmans

Security Training Architect I in Content

Length

00:30:00

Difficulty

Beginner

In this lab, we will install firewalld and create firewall rules to permit HTTP and HTTPS traffic in the default zone. Then, we'll check to make sure the rules have been applied.


Introduction


Log in via SSH to the public IP address provided, using the username and password provided on the lab page.

Install firewalld

Run the following command:

sudo apt-get install firewalld

Identify the Default Zone of firewalld

Use the following command to identify which zone is the default zone.

sudo firewall-cmd --get-default-zone

Create Firewall Rules

These rules need to take effect immediately without restarting the firewalld service, as well as survive a reboot. This means we must enter each rule twice: once with the --permanent flag, which writes it to the saved configuration, and once without, which applies it to the running firewall.

Enter the following (the zone named here should be the default zone reported in the previous step):

sudo firewall-cmd --zone=public --add-service=http --permanent
sudo firewall-cmd --zone=public --add-service=http
sudo firewall-cmd --zone=public --add-service=https --permanent
sudo firewall-cmd --zone=public --add-service=https
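
To check that the rules have been applied, compare the runtime and permanent service lists for the zone. The script below is an added example, not part of the original lab; the function names (has_service, rule_state, check_zone) and the sample service lists are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: report whether a service is allowed in the running
# firewall, in the saved (permanent) configuration, or both.

# has_service LIST NAME: succeeds if NAME is a whole word in the
# space-separated LIST. Whole-word matching matters here because
# "http" is a substring of "https".
has_service() {
    case " $1 " in
        *" $2 "*) return 0 ;;
        *)        return 1 ;;
    esac
}

# rule_state RUNTIME_LIST PERMANENT_LIST SERVICE
# Prints one of: ok, runtime-only, permanent-only, missing.
rule_state() {
    local rt=no pm=no
    has_service "$1" "$3" && rt=yes
    has_service "$2" "$3" && pm=yes
    case "$rt/$pm" in
        yes/yes) echo ok ;;
        yes/no)  echo runtime-only ;;    # lost at the next reload or reboot
        no/yes)  echo permanent-only ;;  # not active until a reload
        *)       echo missing ;;
    esac
}

# check_zone ZONE SERVICE...: query firewalld and report each service.
# Returns 1 if any service is not "ok", 2 if firewall-cmd itself fails.
check_zone() {
    local zone=$1 rc=0 runtime permanent svc state
    shift
    runtime=$(sudo firewall-cmd --zone="$zone" --list-services) || return 2
    permanent=$(sudo firewall-cmd --permanent --zone="$zone" --list-services) || return 2
    for svc in "$@"; do
        state=$(rule_state "$runtime" "$permanent" "$svc")
        printf '%-8s %s\n' "$svc" "$state"
        [ "$state" = ok ] || rc=1
    done
    return "$rc"
}

# Constructed sample: https was added without --permanent.
rule_state "dhcpv6-client http https ssh" "dhcpv6-client http ssh" https  # prints runtime-only
```

On the lab host, run: check_zone "$(sudo firewall-cmd --get-default-zone)" http https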

Conclusion

Congratulations on completing this lab!