In today’s world, where cyber threats are becoming more prevalent and sophisticated, it is crucial to secure your system. One of the fundamental steps in securing your Fedora system is implementing a firewall. A firewall is a network security tool that filters incoming and outgoing traffic and blocks unauthorized access. This blog will guide you through securing your Fedora system with a firewall.
Step 1: Install Firewall
Fedora comes with a firewall tool pre-installed called firewalld. If it is not installed on your system, you can install it using the following command:
sudo dnf install firewalld
Step 2: Enable Firewall
After installing the firewall tool, you need to enable it. The following commands will start the firewall and enable it at system startup:
sudo systemctl start firewalld
sudo systemctl enable firewalld
Step 3: Check Firewall Status
You can check the status of your firewall with the following command:
sudo firewall-cmd --state
If the output is “running,” the firewall is enabled and protecting your system.
Step 4: Configuring Firewall Rules
Now that your firewall is running, you need to configure it to allow or deny incoming and outgoing traffic. You can do this by creating firewall rules.
To allow incoming traffic, use the following command:
sudo firewall-cmd --add-port=<port_number>/tcp --permanent
Replace <port_number> with the actual port number you want to open. You can also use the --zone option to specify the network zone for which the rule applies.
To deny incoming traffic, use the following command:
sudo firewall-cmd --remove-port=<port_number>/tcp --permanent
Again, replace <port_number> with the actual port number you want to close.
To allow outgoing traffic, use the following command:
sudo firewall-cmd --add-rich-rule='rule family="ipv4" source address="192.168.1.0/24" accept' --permanent
This command will allow traffic sent out from the network 192.168.1.0/24; the rule matches on the packet's source address. You can also use the --zone option to specify the network zone for which the rule applies.
To deny outgoing traffic, use the following command:
sudo firewall-cmd --add-rich-rule='rule family="ipv4" source address="192.168.1.0/24" drop' --permanent
This command will deny traffic sent out from the network 192.168.1.0/24; as above, the rule matches on the packet's source address.
Step 5: Reload Firewall Rules
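After creating firewall rules, you need to reload the firewall for the changes to take effect, because the --permanent option writes a rule to the saved configuration without applying it to the running firewall. Use the following command to reload the firewall: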
sudo firewall-cmd --reload
Step 6: Verify Firewall Rules
You can verify your firewall rules with the following command:
sudo firewall-cmd --list-all
This command will display the firewall rules (services, ports and rich rules) configured for the default zone. Use the --zone option to list the rules of another zone.
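To turn the verification in Step 6 into a repeatable check, the following added example (not part of the original post) compares the "ports:" line of the listing against the ports you meant to open and reports any rich rule that accepts traffic. The function names and the sample listing are constructed for illustration; on a real system, pipe the output of sudo firewall-cmd --list-all into the functions instead.

```shell
#!/usr/bin/env bash
# Added example: audit `firewall-cmd --list-all` output against an allowlist.

# Constructed sample listing (not taken from a real host).
sample_list_all() {
cat <<'EOF'
public (active)
  target: default
  interfaces: enp1s0
  services: dhcpv6-client ssh
  ports: 443/tcp 8080/tcp 5353/udp
  forward-ports: 
  source-ports: 
  rich rules: 
    rule family="ipv4" source address="192.168.1.0/24" accept
EOF
}

# Read a listing on stdin; print every open port that is not among the
# allowlisted port/protocol arguments, one per line.
unexpected_ports() {
    local key rest entry
    while read -r key rest; do
        # Match only the "ports:" key, not "forward-ports:" or "source-ports:".
        [ "$key" = "ports:" ] || continue
        for entry in $rest; do
            case " $* " in
                *" $entry "*) ;;          # allowlisted, nothing to report
                *) echo "$entry" ;;
            esac
        done
    done
}

# Read a listing on stdin; print the rich rules whose action is "accept".
accept_rich_rules() {
    local key rest
    while read -r key rest; do
        [ "$key" = "rule" ] || continue
        case "$rest" in
            *" accept") echo "rule $rest" ;;
        esac
    done
}

# Demo on the constructed sample, with 443/tcp as the only intended port.
# Live use: sudo firewall-cmd --list-all | unexpected_ports 443/tcp
sample_list_all | unexpected_ports 443/tcp
sample_list_all | accept_rich_rules
```

Any port the first function prints can be closed with the --remove-port command from Step 4, followed by the reload from Step 5.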
Conclusion
In conclusion, implementing a firewall is an essential step in securing your Fedora system. The firewall tool built into Fedora, firewalld, provides an easy-to-use interface to configure firewall rules. By following the steps outlined in this blog, you can configure your firewall to allow or deny incoming and outgoing traffic and protect your system from cyber threats.