FirewallD

FirewallD replaced IPTables as the default firewall in CentOS 7.

Check if the firewall is running:

firewall-cmd --state

FirewallD uses zones for various networks like a public interface and private internal interface.

View the default zone:

firewall-cmd --get-default-zone

Get a list of available zones:

firewall-cmd --get-available-zones

Change default zone to dmz temporarily, this setting is not persisted and will revert when the service restarts.

firewall-cmd --set-default-zone=dmz

To persist changes, you can look at /etc/firewalld/zones/dmz.xml and modify. This goes for all zones listed.

Get a list of active zones:

firewall-cmd --get-active-zones

Get details about the public zone – this lists all the info that has been persisted which is important to know if you’re debugging:

firewall-cmd --zone=public --list-all
(Comments)

Comments