Managing firewalld

About firewall

In computing, a firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted network and an untrusted network, such as the Internet.

Packet filter

The first reported type of network firewall is called a packet filter, which inspects packets transferred between computers. The firewall maintains an access control list that dictates which packets will be looked at and what action should be applied, if any, with the default action set to silent discard. The three basic actions for a packet are a silent discard, a discard with an Internet Control Message Protocol or TCP reset response to the sender, and a forward to the next hop. Packets may be filtered by source and destination IP addresses, protocol, and source and destination ports. The bulk of Internet communication in the 20th and early 21st century used either Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) in conjunction with well-known ports, enabling firewalls of that era to distinguish between specific types of traffic such as web browsing, remote printing, email transmission, and file transfer.

The first paper published on firewall technology was in 1987 when engineers from Digital Equipment Corporation (DEC) developed filter systems known as packet filter firewalls. At AT&T Bell Labs, Bill Cheswick and Steve Bellovin continued their research in packet filtering and developed a working model for their own company based on their original first-generation architecture.


Roxy-WI and Firewalld

Roxy-WI can manage Firewalld automatically. When you add a new HAProxy frontend or listen section with new ports, or a new Nginx server section, Roxy-WI opens these ports.

Note that Roxy-WI does not close the ports again when you delete an HAProxy frontend or listen section, or an Nginx server section.

You can enable this function on the "Server" tabs on "Server" or "Admin area" pages. You only need to set the checkbox in the Firewalld section.
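
Because deleted frontends leave their ports open, it is worth comparing the open ports with the configuration from time to time. The script below is an added example, not part of Roxy-WI; it covers HAProxy `bind` lines only, and the sample data and the configuration path are assumptions.

```shell
#!/bin/sh
# Added example, not Roxy-WI code: list TCP ports that are open in firewalld
# but that no HAProxy "bind" line uses any more.

# Print the ports named on HAProxy "bind" lines read from stdin. Handles
# "*:80", ":8080", "10.0.0.5:443 ssl ..." and comma-separated lists.
# Assumption: port ranges and Nginx "listen" lines are not handled.
haproxy_bind_ports() {
    awk '$1 == "bind" {
        n = split($2, addrs, ",")
        for (i = 1; i <= n; i++) {
            port = addrs[i]
            sub(/^.*:/, "", port)      # keep what follows the last colon
            if (port ~ /^[0-9]+$/) print port
        }
    }' | sort -un
}

# Print the TCP ports from `firewall-cmd --list-ports` style output
# (space-separated "port/proto" tokens) read from stdin.
firewalld_tcp_ports() {
    tr ' ' '\n' | awk -F/ '$2 == "tcp" && $1 ~ /^[0-9]+$/ { print $1 }' | sort -un
}

# stale_ports OPEN_PORTS HAPROXY_CONFIG_TEXT
# Print each port that firewalld has open but the configuration does not bind.
stale_ports() {
    used=$(printf '%s\n' "$2" | haproxy_bind_ports)
    for p in $(printf '%s\n' "$1" | firewalld_tcp_ports); do
        printf '%s\n' "$used" | grep -qxF "$p" || printf '%s\n' "$p"
    done
}

# Constructed sample: frontends on 8080 and 8404 were deleted earlier.
SAMPLE_OPEN='80/tcp 443/tcp 8080/tcp 8404/tcp 53/udp'
SAMPLE_CFG='frontend web
    bind *:80
    bind 10.0.0.5:443 ssl crt /etc/ssl/site.pem
backend app
    server app1 10.0.0.10:8000 check'

stale_ports "$SAMPLE_OPEN" "$SAMPLE_CFG"    # prints 8080 and 8404

# On a real server (the config path is an assumption):
# stale_ports "$(firewall-cmd --list-ports)" "$(cat /etc/haproxy/haproxy.cfg)"
```

A port listed here may have been opened for something other than Roxy-WI, so confirm that before removing it with `firewall-cmd --permanent --remove-port=PORT/tcp` followed by `firewall-cmd --reload`.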


Viewing Firewalld rules

To check Firewalld rules, go to the Servers -> Servers tab. Select the necessary server and press the "View" button in the "Firewalld" column.


Enabling Firewalld

On CentOS or RedHat, Firewalld is installed by default. You can check it by running the following command:

In output above you can see that Firewalld is installed and running: Active: active (running). If you have a different output, run the command:

Be aware: when you run Firewalld for the first time, it closes all inbound connections except SSH.


Installing Firewalld

In Debian/Ubuntu, Firewalld is included in the official repositories and can be installed via the standard package manager. Before installing Firewalld, it is necessary to disable ufw (the preinstalled firewall) as shown below:
