More firewalld links
Posted by jpluimers on 2021/08/26
Last week I posted firewalld: show interfaces with their zone details and show zones in use as a follow up on On my research list: migrate from OpenSuSE SuSEfirewall2 to firewalld « The Wiert Corner – irregular stream of stuff.
I explained that firewalld is based on zones, and showed some statements on how to retrieve information.
In the meantime, I collected a bunch more firewalld-related links, so here they are:
- [WayBack] How To Set Up a Firewall Using FirewallD on CentOS 7 | DigitalOcean (which I found quite late in the game) is one of the easiest to read and understand guides for firewalld, and it works equally well for any distribution, including OpenSuSE.
- [WayBack] Firewalld – openSUSE Wiki covering:
- [WayBack] TUMBLEWEED can anyone provide a clear overview of the move to firewalld? explaining some issues when migrating from SuSEfirewall2 to firewalld
- [WayBack] susefirewall2-to-firewalld/susefirewall2-to-firewalld at master · openSUSE/susefirewall2-to-firewalld · GitHub
- [WayBack] Masquerading and Firewalls | Security Guide | openSUSE Leap 15.1 covering
- [WayBack] GitHub – openSUSE/susefirewall2-to-firewalld: Basic SuSEfirewall2 to FirewallD migration script
- [WayBack] TUMBLEWEED Opening ports in the new YaST2 Firewall explaining you should favour adding services over ports, but you can add ports nonetheless:
For adding ports numerically, just add one at a time, or a range eg ‘3000-4000’
The CLI command to allow port 5000 TCP would be
sudo firewall-cmd --zone=public --add-port=5000/tcp
- [WayBack] 5 Useful Examples of firewall-cmd command – The Geek Diary with the most important takeaway that you:
- first should try a change locally
- then make it permanent by using the --permanent option
# firewall-cmd --zone=public --add-service=http
success
To make changes permanent, use the --permanent option. Example:
# firewall-cmd --permanent --zone=public --add-service=http
success
Changes made in Permanent configuration mode are not implemented immediately. Example:
# firewall-cmd --zone=work --list-services
dhcpv6-client ssh
However, changes made in a Permanent configuration are written to configuration files. Restarting the firewalld service reads the configuration files and implements the changes.
Example:
# systemctl restart firewalld
# firewall-cmd --zone=work --list-services
dhcpv6-client http ssh
- LEAP 15 and SLES 15 were the versions that switched to firewalld from SuSEfirewall2.
- [WayBack] [SOLVED] SuSE LEAP 15 firewalld
- LEAP is not an abbreviation: [WayBack] Portal:Leap – openSUSE Wiki
- [WayBack] How to enable or disable firewall in SLES 15 – Init Pals
- SLES (though some use SLE) is an abbreviation for SUSE Linux Enterprise Server.
- [WayBack] Documentation – Manual Pages – firewall-cmd | firewalld – the most important man page.
- [WayBack] Documentation – Zone – Examples | firewalld
- [WayBack] Documentation | firewalld linking to
- Concepts
- Configuration
- Utilities
- The daemon: firewalld
- Zone
- Service
- IPSet
- Helper
- ICMP Type
- Direct Interface
- HowTo
- Manual Pages
- firewalld(1)
- firewall-cmd(1)
- firewall-offline-cmd(1)
- firewall-config(1)
- firewall-applet(1)
- firewalld.conf(5)
- firewalld.zones(5)
- firewalld.zone(5)
- firewalld.service(5)
- firewalld.ipset(5)
- firewalld.helper(5)
- firewalld.icmptype(5)
- firewalld.richlanguage(5)
- firewalld.direct(5)
- firewalld.lockdown-whitelist(5)
- firewalld.dbus(5)
- External Resources
- Working With The Source
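The runtime-versus-permanent split in the Geek Diary excerpt above can be checked mechanically. This added example (not from the original post or the firewalld project; the function names are made up here) compares both views of a zone and reports services or ports that exist in only one of them, using the zone "work" listings from the excerpt as constructed sample input.

```shell
#!/bin/sh
# Added example: report drift between firewalld's runtime and permanent
# configuration. Function names are made up for this sketch.

# set_diff "A..." "B...": print the words of list A that are not in list B.
set_diff() {
    out=""
    for item in $1; do
        case " $2 " in
            *" $item "*) ;;                      # present in both lists
            *) out="${out:+$out }$item" ;;
        esac
    done
    printf '%s' "$out"
}

# drift_report ZONE KIND RUNTIME PERMANENT: print differences, return 1 on drift.
drift_report() {
    lost=$(set_diff "$3" "$4")      # active now, gone after a reload/restart
    pending=$(set_diff "$4" "$3")   # saved, but not active until a reload
    if [ -n "$lost" ]; then printf '%s %s runtime-only: %s\n' "$1" "$2" "$lost"; fi
    if [ -n "$pending" ]; then printf '%s %s permanent-only: %s\n' "$1" "$2" "$pending"; fi
    [ -z "$lost$pending" ]
}

# audit_zone ZONE: compare both views on a live system (needs firewall-cmd).
audit_zone() {
    rc=0
    for kind in services ports; do
        runtime=$(firewall-cmd --zone="$1" --list-"$kind") || return 2
        permanent=$(firewall-cmd --permanent --zone="$1" --list-"$kind") || return 2
        drift_report "$1" "$kind" "$runtime" "$permanent" || rc=1
    done
    return "$rc"
}

if [ "$#" -gt 0 ]; then
    audit_zone "$1"
else
    # Constructed sample: the zone "work" listings quoted above, before the restart.
    drift_report work services "dhcpv6-client ssh" "dhcpv6-client http ssh" || true
fi
```

Run it with a zone name as argument to audit a live system. Runtime-only entries can be saved with firewall-cmd --runtime-to-permanent, and permanent-only entries become active after firewall-cmd --reload.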
–jeroen