Firewall
From Leo's Notes
Last edited on 16 May 2023, at 20:49.
Linux
Linux typically uses IPTables for its firewall. On most modern Linux distributions, IPTables is controlled through another program or manager such as firewalld or CSF.
Firewalld
See whether firewalld is running | firewall-cmd --state |
List all rules | firewall-cmd --list-all |
List all zones | firewall-cmd --list-all-zones |
List all rules in a specific zone | firewall-cmd --list-all --zone=home |
Allow a specific port | firewall-cmd --add-port=<port-number>/<protocol> --permanent |
Reload the firewall | firewall-cmd --reload |
Opening a Port
To allow access to a specific port on your machine, you will (most likely) need to make IPTables ACCEPT traffic meeting the port criteria on the INPUT chain.
Simple IPTables:
# iptables -A INPUT -p tcp --dport 80 -j ACCEPT
If using Red Hat's firewalld:
# firewall-cmd --permanent --add-port=80/tcp
# firewall-cmd --permanent --add-service=<service-name>
## Reload firewall rules
# firewall-cmd --reload
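Because `--permanent` changes only take effect after `--reload`, and changes made without `--permanent` are lost on reload, the running and saved port lists can disagree. The following is an added example, not part of the original notes, that compares the two; the function names `only_in` and `port_drift` and the sample port lists are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: report drift between firewalld's runtime and permanent port lists.
# Inputs are the space-separated outputs (default zone unless --zone is given) of:
#   firewall-cmd --list-ports               (runtime)
#   firewall-cmd --permanent --list-ports   (permanent)

# only_in A B: print the entries of list A that are absent from list B, one per line.
only_in() {
    local item other found
    for item in $1; do
        found=0
        for other in $2; do
            [ "$item" = "$other" ] && { found=1; break; }
        done
        [ "$found" -eq 0 ] && printf '%s\n' "$item"
    done
    return 0
}

# port_drift RUNTIME PERMANENT: print one line per mismatched port.
#   runtime-only   -> open now, lost on the next --reload or reboot
#   permanent-only -> saved, but not open until --reload
# Returns 0 when the two lists agree, 1 when they differ.
port_drift() {
    local p drift
    drift=0
    for p in $(only_in "$1" "$2"); do
        printf 'runtime-only %s\n' "$p"; drift=1
    done
    for p in $(only_in "$2" "$1"); do
        printf 'permanent-only %s\n' "$p"; drift=1
    done
    return "$drift"
}

# Constructed sample: 8080/tcp was added without --permanent,
# 443/tcp was added with --permanent but no --reload has happened yet.
sample_runtime="22/tcp 80/tcp 8080/tcp"
sample_permanent="22/tcp 80/tcp 443/tcp"
port_drift "$sample_runtime" "$sample_permanent" || echo "drift detected"

# On a live host:
#   port_drift "$(firewall-cmd --list-ports)" "$(firewall-cmd --permanent --list-ports)"
```

A `runtime-only` line is worth reviewing before the next reload: it is either a port someone forgot to make permanent or one that was opened ad hoc and never closed.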
CSF
If using CSF:
# vi /etc/csf/csf.conf
## Edit 'TCP_IN' to list the TCP ports allowed in, or 'TCP_OUT' for the TCP ports allowed out.
## Reload CSF
# csf -r