Firewall

A firewall is a network security tool that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted network and an untrusted network, such as the Internet.

Packet filter

The first reported type of network firewall is called a packet filter. It inspects network data (packets) transferred between computers. The firewall maintains an access control list (ACL) that indicates which packets should be tracked and what actions should be applied. The three basic actions are: silently discard the packet; discard it and send an Internet Control Message Protocol message or a TCP reset flag back to the sender; or forward it to the next hop. The default action is a silent discard. Packets may be filtered by source and destination IP addresses, protocol, and source and destination ports.

Roxy-WI can manage Firewalld independently. Whether you add a new frontend or a new proxy for HAProxy in the Add proxy-Listen section, or add a new server section for NGINX, Roxy-WI will open the necessary ports automatically.

Note that Roxy-WI does not close ports automatically after you delete created objects.
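
Because ports stay open after the objects that needed them are deleted, it is worth auditing for leftovers. The script below is an added example, not part of Roxy-WI: it lists TCP ports that Firewalld allows but that no non-loopback service listens on. The helper name stale_ports and the sample data are constructed for illustration, and it only covers ports reported by firewall-cmd --list-ports for the default zone (ports opened through Firewalld services or other zones are not checked).

```shell
#!/bin/sh
# Added example (not Roxy-WI code): list TCP ports that firewalld allows
# but that no externally reachable service is listening on.

# stale_ports FW_PORTS LISTEN_ADDRS   (hypothetical helper name)
#   FW_PORTS     - output of `firewall-cmd --list-ports`
#   LISTEN_ADDRS - local "address:port" column of `ss -H -tln`, one per line
stale_ports() {
    # Drop loopback-only listeners, then keep the port after the last ':'.
    listening=$(printf '%s\n' "$2" |
        awk -F: '$0 !~ /^(127\.|\[::1\])/ && NF > 1 { print $NF }' | sort -un)
    for entry in $1; do
        case $entry in
            */tcp) range=${entry%/tcp} ;;   # "80" or "9000-9002"
            *) continue ;;                  # UDP and others are not checked here
        esac
        port=${range%-*}
        last=${range#*-}
        while [ "$port" -le "$last" ]; do
            printf '%s\n' "$listening" | grep -qx "$port" || echo "$port/tcp"
            port=$((port + 1))
        done
    done
}

# Constructed sample data, so the script also runs on a host without firewalld.
FW_SAMPLE="22/tcp 80/tcp 443/tcp 8085/tcp 9000-9002/tcp 53/udp"
LISTEN_SAMPLE="0.0.0.0:22
0.0.0.0:80
[::]:443
127.0.0.1:8085
*:9001"

stale_ports "$FW_SAMPLE" "$LISTEN_SAMPLE"

# On a live host, as root:
#   stale_ports "$(firewall-cmd --list-ports)" "$(ss -H -tln | awk '{print $4}')"
```

Each port it prints is a candidate for review and manual closing; a service that is stopped only temporarily will also show up, so confirm before removing a rule.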

You can tick the Firewalld checkbox to enable this function in the Servers-Servers or the Admin area-Servers sections.

Roxy-WI Servers

For checking Firewalld rules, go to the Servers-Servers section and press the View button.

View firewalld in Roxy-WI

On CentOS or RedHat, Firewalld is installed by default. You can check this by running the following command:

In the output above, you can see that Firewalld is installed and running: Active: active (running). If your output is different, run the command:

Note: when you run Firewalld for the first time, it closes all inbound connections except SSH.

On Debian/Ubuntu, Firewalld is included in the official repositories and can be installed using the standard package manager. Before installing Firewalld, you should disable ufw (the preinstalled firewall) as shown below: