Managing firewalld

About firewall

In computing, a firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted network and an untrusted network, such as the Internet.

Packet filter

The first reported type of network firewall is called a packet filter, which inspects packets transferred between computers. The firewall maintains an access control list which dictates what packets will be looked at and what action should be applied, if any, with the default action set to silent discard. The three basic actions for a packet are a silent discard, a discard with an Internet Control Message Protocol or TCP reset response to the sender, and a forward to the next hop. Packets may be filtered by source and destination IP addresses, protocol, and source and destination ports. The bulk of Internet communication in the 20th and early 21st centuries used either Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) in conjunction with well-known ports, enabling firewalls of that era to distinguish between specific types of traffic such as web browsing, remote printing, email transmission, and file transfer.

The first paper published on firewall technology was in 1987 when engineers from Digital Equipment Corporation (DEC) developed filter systems known as packet filter firewalls. At AT&T Bell Labs, Bill Cheswick and Steve Bellovin continued their research in packet filtering and developed a working model for their own company based on their original first-generation architecture.

Roxy-WI and Firewalld

Roxy-WI can manage Firewalld automatically. This means that when you add a new frontend or listen section for HAProxy with new ports, or add a new server section for Nginx, Roxy-WI opens these ports.

Be aware: Roxy-WI does not close the ports again when you delete a frontend or listen section for HAProxy, or delete a server section for Nginx.
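
Because ports opened this way stay open, it helps to compare the ports open in Firewalld with the ports that still have a listener. The script below is an added example, not part of Roxy-WI or the original page; it assumes the ports appear as port entries in the default zone, and the function name stale_ports and the sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example (not Roxy-WI code): report ports that are open in Firewalld
# but have no listening socket, e.g. after a frontend, listen or server
# section was deleted and its port stayed open.
# Assumption: the ports are port entries in the default zone, so they show up
# in `firewall-cmd --list-ports`. Services (such as ssh) are not port entries.

# stale_ports FW_PORTS SS_OUTPUT
#   FW_PORTS   output of `firewall-cmd --list-ports`, e.g. "80/tcp 8443/tcp"
#   SS_OUTPUT  output of `ss -H -tuln` (Netid in column 1, local addr in 5)
# Prints one "port/proto" per line for every open port without a listener.
stale_ports() {
    fw_ports=$1
    ss_out=$2
    # Reduce each socket line to "port/proto"; the port is the text after
    # the last ":" so IPv4, [IPv6] and "*" addresses are all handled.
    listening=$(printf '%s\n' "$ss_out" |
        awk 'NF >= 5 { n = split($5, a, ":"); print a[n] "/" $1 }' | sort -u)
    for entry in $fw_ports; do
        case $entry in
            *-*) echo "$entry (port range, review manually)"; continue ;;
        esac
        printf '%s\n' "$listening" | grep -qxF -- "$entry" || echo "$entry"
    done
}

# Constructed sample data: four open ports, two of them without a listener.
SAMPLE_FW="80/tcp 8080/tcp 8443/tcp 53/udp"
SAMPLE_SS='tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
tcp LISTEN 0 511 [::]:80 [::]:*
tcp LISTEN 0 511 0.0.0.0:8443 0.0.0.0:*
udp UNCONN 0 0 127.0.0.1:323 0.0.0.0:*'

if command -v firewall-cmd >/dev/null 2>&1 && command -v ss >/dev/null 2>&1; then
    # Live check on a managed server (run as root).
    stale_ports "$(firewall-cmd --list-ports)" "$(ss -H -tuln)"
else
    # No Firewalld here: show the result for the sample data instead.
    stale_ports "$SAMPLE_FW" "$SAMPLE_SS"
fi
```

A port reported here is only a candidate for closing: confirm that its service was really removed and not just stopped before you close it.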

You can enable this function on the "Server" tabs on the "Server" or "Admin area" pages. Just check the checkbox in the Firewalld section.

Viewing Firewalld rules

This feature is available starting with version 4.5.6 (02.01.2021).

To check Firewalld rules, go to the Servers -> Servers tab. Choose the server you need and press the "view" button in the "Firewalld" column.

Enabling Firewalld

On CentOS or RedHat, Firewalld is installed by default. You can check it:

In the output above you can see that Firewalld is running: Active: active (running). If you see another status, run the following:

Be aware: when you run Firewalld for the first time, it closes all inbound connections except SSH.

Installing Firewalld

On Ubuntu or Debian, Firewalld can be installed, but before installing it you have to disable the pre-installed firewall, ufw:
