How to configure a firewall in Linux-Linux Operation and Maintenance-php.cn

Home

Operation and Maintenance

Linux Operation and Maintenance

How to configure a firewall in Linux

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

Jun 18, 2023 pm 09:37 PM

cyber security Firewall configuration linux protection

Firewall is an important part of protecting network security. It can filter out data packets from untrusted sources and malicious attacks in the network to protect the system. In Linux, common firewalls are iptables and firewalld. In this article, we will cover the steps on how to configure a firewall in Linux.

Check the firewall status
Before starting the configuration, please check the firewall status in the system. You can check if iptables is enabled using the following command:

sudo systemctl status iptables

Copy after login

If iptables is not enabled, please enable it using the following command:

sudo systemctl start iptables

Copy after login

Configure iptables firewall
iptables is A rule-based firewall that filters and forwards packets to protect the system. You can set iptables rules in Linux using the following command:

sudo iptables -A INPUT -p tcp --dport <端口号> -j ACCEPT

Copy after login

This command will allow TCP connections through the specified port number. You can also set up iptables with other rules, for example:

sudo iptables -A INPUT -s <IP地址> -j DROP

Copy after login

This command will block all packets from the specified IP address.

Configuring firewalld firewall
firewalld is an advanced firewall designed to protect modern Linux systems. It enables dynamic rules to adapt to changes in the network environment. To configure firewalld, use the following command:

sudo systemctl start firewalld

Copy after login

You can then configure firewalld rules using the following command:

sudo firewall-cmd --zone=public --add-port=<端口号>/tcp --permanent
sudo firewall-cmd --zone=public --remove-port=<端口号>/tcp --permanent

Copy after login

This will allow or disallow TCP connections through the specified port number. firewalld also supports other rules, such as:

sudo firewall-cmd --zone=public --add-rich-rule='rule family="ipv4" source address="<IP地址>" reject' --permanent

Copy after login

This command will block all packets from the specified IP address.

Saving and Applying Rules
After setting up iptables or firewalld rules, you need to save and apply them to make them effective. To save iptables rules, use the following command:

sudo service iptables save

Copy after login

For firewalld rules, use the following command:

sudo firewall-cmd --reload

Copy after login

This command will reload the firewalld configuration, and apply the new rules.

Summary

This article introduces how to configure a firewall in a Linux system. You can use iptables or firewalld to filter network traffic and protect your system. After configuring the rules, save and apply them to take effect.

The above is the detailed content of How to configure a firewall in Linux. For more information, please follow other related articles on the PHP Chinese website!

Statement of this Website

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress images for free

Clothoff.io

AI clothes remover

AI Hentai Generator

Generate AI Hentai for free.

Hot Article

R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)

2 weeks ago By 尊渡假赌尊渡假赌尊渡假赌

How Long Does It Take To Beat Split Fiction?

1 months ago By DDD

R.E.P.O. Best Graphic Settings

2 weeks ago By 尊渡假赌尊渡假赌尊渡假赌

Assassin's Creed Shadows: Seashell Riddle Solution

1 weeks ago By DDD

R.E.P.O. How to Fix Audio if You Can't Hear Anyone

2 weeks ago By 尊渡假赌尊渡假赌尊渡假赌

Hot Tools

Notepad++7.3.1

Easy-to-use and free code editor

SublimeText3 Chinese version

Chinese version, very easy to use

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

God-level code editing software (SublimeText3)

Hot Topics

Where is the login entrance for gmail email?

7409

Java Tutorial

1631

CakePHP Tutorial

1358

Laravel Tutorial

1268

PHP Tutorial

1218

Related knowledge

Why can't I download Google Chrome in Windows 7? Apr 13, 2024 pm 11:00 PM

Reasons why you can't download Google Chrome on Windows 7: The operating system version is too old; security protocols are out of date; necessary components are missing; blocked by firewall or security software; network connection issues. Solution: Upgrade operating system, enable TLS 1.2, install necessary components, check firewall, check network connection.

Why can't the win11 control panel open? Apr 17, 2024 pm 02:15 PM

Reasons why Windows 11 Control Panel won't open may include: Process conflicts Corrupted files Virus or malware infection Registry errors Permission issues Windows updates Hardware issues Other reasons (corrupted system files, conflicting drivers, or firewall configurations)

Complete guide to install FTPS service on Linux system Mar 19, 2024 am 11:39 AM

Title: A complete guide to installing FTPS service under Linux system In Linux system, setting up an FTP server is a common requirement. However, in order to enhance the security of data transmission, we can choose to install the FTPS service, which adds SSL/TLS encryption function based on the FTP protocol. Through the FTPS service, we can upload and download files while ensuring the security of data transmission. This article will provide a detailed guide for installing FTPS service under Linux system and provide specific instructions.

Master network security and penetration testing in Go Nov 30, 2023 am 10:16 AM

With the development of the Internet, network security has become an urgent issue. For technical personnel engaged in network security work, it is undoubtedly necessary to master an efficient, stable, and secure programming language. Among them, Go language has become the first choice of many network security practitioners. Go language, referred to as Golang, is an open source programming language created by Google. The language has outstanding features such as high efficiency, high concurrency, high reliability and high security, so it is widely used in network security and penetration testing.

The best Linux version of 2024: perfect integration of technology and art, open and innovative attitude towards life Apr 03, 2024 am 08:01 AM

As a Linux enthusiast in 2024, my expectations for the best Linux distribution are exciting. Below, I will explain my personal views and analyze why the most attractive Linux distribution in 2024 has many unique advantages. 1. First introduction to the most beautiful Linux distribution. There is no doubt that the best Linux distribution in 2024 can be called the perfect fusion of technology and art. It has excellent performance in many aspects such as user interface, function planning and performance optimization, making it unique in the face of many competitors. This is not only an operating system, but also a symbol of a free, open and innovative attitude towards life. This optimal version incorporates a new design and interactive mode, which is bound to be refreshing. Whether it is layout structure, logo pattern or color matching,

Artificial Intelligence in Cybersecurity: Current Issues and Future Directions Mar 01, 2024 pm 08:19 PM

Artificial intelligence (AI) has revolutionized every field, and cybersecurity is no exception. As our reliance on technology continues to increase, so do the threats to our digital infrastructure. Artificial intelligence (AI) has revolutionized the field of cybersecurity, providing advanced capabilities for threat detection, incident response, and risk assessment. However, there are some difficulties with using artificial intelligence in cybersecurity. This article will delve into the current status of artificial intelligence in cybersecurity and explore future directions. The role of artificial intelligence in cybersecurity Governments, businesses and individuals are facing increasingly severe cybersecurity challenges. As cyber threats become more sophisticated, the need for advanced security protection measures continues to increase. Artificial intelligence (AI) relies on its unique method to identify, prevent

How do C++ functions implement network security in network programming? Apr 28, 2024 am 09:06 AM

C++ functions can achieve network security in network programming. Methods include: 1. Using encryption algorithms (openssl) to encrypt communication; 2. Using digital signatures (cryptopp) to verify data integrity and sender identity; 3. Defending against cross-site scripting attacks ( htmlcxx) to filter and sanitize user input.

CentOS7 tutorials on commands to view open ports, view port occupancy, open ports, kill processes and other commands. Feb 19, 2024 am 10:54 AM

The following is a command tutorial for viewing open ports, viewing port occupancy, opening ports and killing processes on CentOS7: View open ports: Use the firewall-cmd command to view the open ports in the current firewall rules: sudofirewall-cmd--list- ports Check the port occupancy: Use the netstat command to check the occupancy of all ports on the current system: netstat-tuln If you only want to check the occupancy of the specified port, you can replace the port number with the port you want to check. Open the port: Use the firewall-cmd command to open the specified port: sudofirewall-cmd--add-po

See all articles