


CentOS Networking Configuration: Mastering Firewalld and NetworkManager
You can configure the network on CentOS and manage Firewalld and NetworkManager in two steps: 1. Use NetworkManager to manage network connections, such as viewing the connection status (nmcli connection show) or configuring a VPN (nmcli connection add type vpn). 2. Use Firewalld to manage firewall rules, such as adding the HTTP service (firewall-cmd --zone=public --add-service=http --permanent) and viewing rules (firewall-cmd --list-all).
Introduction
Do you want to know how to configure the network on CentOS and control Firewalld and NetworkManager? Then you have come to the right place. This article gives you a thorough understanding of how to manage networks and firewalls effectively on CentOS systems. I will share some personal experiences and tips, hoping to help you avoid some common pitfalls and give you more confidence in the configuration process.
After reading this article, you will learn how to use NetworkManager to manage network connections, how to configure Firewalld to protect your system, and how to find the best balance between them.
Review of basic knowledge
Before we go deeper, let's review some basic concepts first. As a Linux distribution based on Red Hat, CentOS uses NetworkManager to manage network connections by default, while Firewalld is a dynamic firewall management tool for managing firewall rules.
NetworkManager not only manages wired and wireless connections, but also handles VPNs and other complex network configurations. Firewalld provides an easy-to-use interface to manage firewall rules, supporting dynamic updates without requiring a service restart.
Core concept or function analysis
Definition and function of NetworkManager
NetworkManager is the default network management tool on CentOS. It provides a unified interface for managing all kinds of network connections. Beyond starting and stopping network interfaces, it connects and disconnects automatically and manages network configuration files.
For example, to configure a new WiFi connection on CentOS, you can use NetworkManager. Here is a simple command example:
nmcli dev wifi connect "SSID" password "PASSWORD"
This command uses NetworkManager to connect to the specified WiFi network.
The definition and function of Firewalld
Firewalld is a dynamic firewall management tool that lets you define firewall rules per network zone. Its main purpose is to protect your system from unauthorized access while providing a flexible interface to manage these rules.
For example, if you want to allow HTTP traffic through a firewall, you can use the following command:
firewall-cmd --zone=public --add-service=http --permanent
firewall-cmd --reload
This adds the HTTP service to the public zone and reloads the firewall rules.
How it works
NetworkManager works by monitoring the status of a network interface and managing connections based on configuration files. It automatically detects and configures network devices so that users can maintain network connection stability without manual intervention.
Firewalld's mechanism is more involved: it uses D-Bus to implement dynamic rule updates. This means you can add, delete, or modify rules without restarting the firewall service, which is very useful when firewall rules need to be adjusted frequently.
Example of usage
Basic usage
Let's start with the basic usage of NetworkManager. If you want to view the current network connection status, you can use the following command:
nmcli connection show
This lists all configured network connections and their status.
For the basic usage of Firewalld, if you want to view the current firewall rules, you can use the following command:
firewall-cmd --list-all
This displays all firewall rules, including allowed services and ports.
Advanced Usage
Now let's look at some more advanced usages. Suppose you want to use NetworkManager to configure a VPN connection, you can use the following command:
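# OpenVPN plugin options are passed as key=value pairs in vpn.data; the password goes in vpn.secrets.
nmcli connection add type vpn vpn-type openvpn ifname tun0 con-name "MyVPN" \
    vpn.service-type org.freedesktop.NetworkManager.openvpn \
    vpn.data "remote=vpn.example.com, port=1194, connection-type=password, username=your_username" \
    vpn.secrets "password=your_password"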
This command will create a new VPN connection and configure relevant parameters.
For advanced usage of Firewalld, if you want to create a custom firewall rule to allow specific IP addresses to access your system, you can use the following command:
firewall-cmd --zone=public --add-rich-rule='rule family="ipv4" source address="192.168.1.100" accept' --permanent
firewall-cmd --reload
This adds a rule that accepts all IPv4 traffic from 192.168.1.100, on every port and protocol.
Common Errors and Debugging Tips
There are some common problems you may encounter when using NetworkManager and Firewalld. For example, NetworkManager may not be able to connect to a WiFi network automatically, or Firewalld may block certain necessary traffic.
For NetworkManager, if you have connection problems, you can try to reset the network connection using the following command:
nmcli networking off
nmcli networking on
This turns networking off and back on for every interface NetworkManager manages, which usually solves some connection issues.
For Firewalld, if you find that some traffic is blocked, you can use the following command to view the detailed log:
journalctl -u firewalld
This will display the log of the Firewalld service, helping you find out what the problem is.
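journalctl -u firewalld shows the daemon's own messages; packets that were rejected or dropped are logged by the kernel, and only once firewalld's LogDenied setting is enabled. The following is an added example, not part of the original article, that goes one step further than the command above and summarizes denied packets by source and destination port. The host name, addresses and log lines are constructed, and summarize_denied is a hypothetical helper name.

```shell
#!/bin/sh
# Added example: summarize packets firewalld denied, from the kernel log.
# On a live host (root), assuming denied-packet logging is still off:
#   firewall-cmd --get-log-denied       # prints "off" by default
#   firewall-cmd --set-log-denied=all   # log every rejected/dropped packet
#   journalctl -k | summarize_denied

# Constructed kernel log lines; the prefix before "IN=" varies with the
# firewalld version and backend, so the parser keys on REJECT:/DROP: only.
sample_kernel_log() {
cat <<'EOF'
Jan 10 12:00:01 web01 kernel: filter_IN_public_REJECT: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TTL=52 PROTO=TCP SPT=51514 DPT=8080 SYN
Jan 10 12:00:02 web01 kernel: filter_IN_public_REJECT: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TTL=52 PROTO=TCP SPT=51515 DPT=8080 SYN
Jan 10 12:00:09 web01 kernel: FINAL_REJECT: IN=eth0 OUT= SRC=198.51.100.23 DST=192.0.2.10 LEN=60 TTL=49 PROTO=TCP SPT=40222 DPT=3306 SYN
Jan 10 12:00:11 web01 kernel: STATE_INVALID_DROP: IN=eth0 OUT= SRC=203.0.113.7 DST=192.0.2.10 LEN=40 TTL=52 PROTO=TCP SPT=51514 DPT=8080 RST
Jan 10 12:00:15 web01 kernel: usb 1-1: new high-speed USB device number 2 using xhci_hcd
EOF
}

# summarize_denied: reads log lines on stdin, prints "COUNT SRC PROTO/DPT"
# with the most frequent first. Packets without a port (e.g. ICMP) show "-".
summarize_denied() {
  awk '/(REJECT|DROP): / {
         src = proto = dpt = "-"
         for (i = 1; i <= NF; i++) {
           if ($i ~ /^SRC=/)   src   = substr($i, 5)
           if ($i ~ /^PROTO=/) proto = substr($i, 7)
           if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
         }
         hits[src " " proto "/" dpt]++
       }
       END { for (k in hits) print hits[k], k }' | sort -k1,1nr -k2
}

sample_kernel_log | summarize_denied
```

Once the blocked port is identified, open only that service or port and set LogDenied back to off if the extra kernel log volume is not wanted.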
Performance optimization and best practices
How can you optimize the performance of NetworkManager and Firewalld in practice? First, for NetworkManager, consider disabling unnecessary network interfaces to reduce the consumption of system resources. For example, if you don't need Bluetooth, you can disable its radio. nmcli radio only controls wifi and wwan, so use rfkill for Bluetooth:
rfkill block bluetooth
For Firewalld, one key to optimizing performance is to minimize the number of rules. Each rule increases the processing time of the firewall, so you should only add the necessary rules. For example, if you only need to allow HTTP and HTTPS traffic, you can use the following command:
firewall-cmd --zone=public --add-service=http --permanent
firewall-cmd --zone=public --add-service=https --permanent
firewall-cmd --reload
These commands add only the HTTP and HTTPS services to the public zone, so no unnecessary rules are introduced.
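Adding services does not remove what a zone already allows, so keeping the rule set minimal also means checking what is currently exposed. The following is an added example, not part of the original article, that compares firewall-cmd --list-all output with an approved baseline and flags accept rich rules that are not limited to a service, port or protocol. The baseline values and the abridged sample output are constructed, and audit_zone is a hypothetical helper name.

```shell
#!/bin/sh
# Added example: list what a zone exposes beyond an approved baseline.
# BASELINE_* are assumptions for a web server; adjust them per host.
BASELINE_SERVICES="http https ssh"
BASELINE_PORTS=""

# Constructed, abridged sample of `firewall-cmd --zone=public --list-all`.
sample_list_all() {
cat <<'EOF'
public (active)
  target: default
  interfaces: eth0
  sources:
  services: cockpit dhcpv6-client http https ssh
  ports: 8080/tcp 3306/tcp
  protocols:
  forward-ports:
  source-ports:
  rich rules:
        rule family="ipv4" source address="192.168.1.100" accept
        rule family="ipv4" source address="192.168.1.50" port port="5432" protocol="tcp" accept
EOF
}

# audit_zone SERVICES PORTS: reads --list-all output on stdin and prints one
# finding per line for anything outside the baseline, plus accept rich rules
# that are not limited to a service, port or protocol.
audit_zone() {
  awk -v svc="$1" -v prt="$2" '
    function check(item) { if (!(item in ok)) print item }
    BEGIN {
      n = split(svc, a, " "); for (i = 1; i <= n; i++) ok["service " a[i]] = 1
      n = split(prt, b, " "); for (i = 1; i <= n; i++) ok["port " b[i]] = 1
    }
    /^[ \t]*services:/ { for (i = 2; i <= NF; i++) check("service " $i) }
    /^[ \t]*ports:/    { for (i = 2; i <= NF; i++) check("port " $i) }
    /^[ \t]+rule / && / accept/ && !/service name=|port port=|protocol value=/ {
      sub(/^[ \t]+/, ""); print "broad-rich-rule " $0
    }
  '
}

# Live use (root): firewall-cmd --zone=public --list-all | audit_zone "$BASELINE_SERVICES" "$BASELINE_PORTS"
sample_list_all | audit_zone "$BASELINE_SERVICES" "$BASELINE_PORTS"
```

Each finding is a candidate for firewall-cmd --remove-service, --remove-port or --remove-rich-rule, followed by a reload.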
In terms of habits and best practices, keep your configuration readable and maintainable. For example, add comments in the configuration file to explain the role of each rule, which makes it easier to understand when you need to modify it in the future.
In short, mastering NetworkManager and Firewalld on CentOS will not only help you better manage your network and firewalls, but also give you more confidence when you need to troubleshoot problems. I hope this article brings you some useful insights and tips.