Firewalld Firewall Service - Ufw firewall on linux #security

 

Firewalld Service

sudo apt install -y firewalld

stop/start firewalld service

1.systemctl status firewalld

2.systemctl restart firewalld

3.systemctl stop firewalld.service

4.systemctl start firewalld.service

Check the rules of firewalld

firewall-cmd --list-all

Listing of all the services firewalld is aware of:

firewall-cmd --get-services

To reload the config of firewalld

firewall-cmd --reload

Firewall has multiple zones , to get list

firewall-cmd --get-zones

To see the list of active zones

firewall-cmd --get-active-zones

To get firewall rules for a specific zone

firewall-cmd --zone=public --list-all

To add or remove a service

firewall-cmd -add-service=<name of service>

firewall-cmd --remove-service=<name of service>

To reload the config

firewall-cmd --reload

To add or remove a service permanently

firewall-cmd --add-service=<name of service> --permanent

firewall-cmd --remove-service=<name of service> --permanent

To add or remove a port

firewall-cmd --add-port=22/tcp

firewall-cmd --remove-port=22/tcp

To block incoming traffic from an IP

firewall-cmd --add-rich-rule='rule family="ipv4" source address="10.71.77.11" reject'

To block outgoing traffic to a IP or URL

sudo firewall-cmd --direct --add-rule ipv4 filter OUTPUT 0 -d 31.13.64.35 -j DROP

Get IP of a site

host -t a www.google.com

To block getting from ping

firewall-cmd --add-icmp-block-inversion