How to configure firewalld in RHEL?

Solution Verified - Updated

Environment

  • Red Hat Enterprise Linux 7
  • Red Hat Enterprise Linux 8
  • Red Hat Enterprise Linux 9
  • Red Hat Enterprise Linux 10
  • Firewalld

Issue

  • How to configure the firewall in RHEL 7, 8, 9 and 10?

Resolution

  • The following commands are useful for configuring the firewalld service.

1. To start, stop, or check the status of the firewalld service

# systemctl start firewalld.service
# systemctl stop firewalld.service
# systemctl status firewalld.service

# firewall-cmd --state

2. To enable/disable firewalld service at boot time.

# systemctl enable firewalld
# systemctl disable firewalld

3. To see detailed information for all zones

# firewall-cmd --list-all-zones

4. To list details of default and active zones.

# firewall-cmd --get-default-zone
# firewall-cmd --get-active-zones

5. To add/remove interfaces to zones.

To add interface `eth1` to the `public` zone:
# firewall-cmd --zone=public --change-interface=eth1

6. To list/add/remove services to zones.

# firewall-cmd --get-services
# firewall-cmd --info-service=<service-name> 
# firewall-cmd --add-service=<service-name>
  • To add the "samba" and "samba-client" services to a specific zone.
    You may include the "--permanent" flag to make the change permanent.
# firewall-cmd --zone=public --add-service=samba --add-service=samba-client --permanent
  • To list the services configured in a specific zone.
# firewall-cmd --zone=public --list-services

7. To list and add ports to the firewall.

# firewall-cmd --list-ports
# firewall-cmd --zone=public --add-port=5000/tcp

Note: You may restart the network service followed by the firewalld service.

# systemctl restart network.service
# systemctl restart firewalld.service
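
The commands above mix a permanent-only change (the samba services, added with the permanent flag) with a runtime-only change (port 5000/tcp, added without it), so restarting firewalld activates the first and drops the second. The script below is an added example, not part of the original Red Hat solution, that reports such drift for a zone; the function names and the sample lists in the fallback branch are constructed for illustration.

```shell
#!/bin/sh
# Added example: report drift between runtime and permanent firewalld settings.

# list_diff "A" "B": print each space-separated item of A that is not in B.
list_diff() {
    for item in $1; do
        case " $2 " in
            *" $item "*) ;;                 # present in both lists
            *) printf '%s\n' "$item" ;;     # only in the first list
        esac
    done
}

# drift_report KIND RUNTIME PERMANENT: one line per mismatched entry.
drift_report() {
    for i in $(list_diff "$2" "$3"); do
        echo "$1 $i: runtime only (lost on reload/restart)"
    done
    for i in $(list_diff "$3" "$2"); do
        echo "$1 $i: permanent only (not active until reload)"
    done
}

# check_zone ZONE: compare both configurations on a live firewalld (run as root).
check_zone() {
    for what in services ports; do
        rt=$(firewall-cmd --zone="$1" --list-"$what")
        pm=$(firewall-cmd --permanent --zone="$1" --list-"$what")
        drift_report "$what" "$rt" "$pm"
    done
}

if command -v firewall-cmd >/dev/null 2>&1 && firewall-cmd --state >/dev/null 2>&1; then
    check_zone "${1:-public}"
else
    # Constructed sample mirroring the commands on this page: samba services
    # were added with --permanent only, port 5000/tcp at runtime only.
    drift_report services "ssh dhcpv6-client" "ssh dhcpv6-client samba samba-client"
    drift_report ports "5000/tcp" ""
fi
```

An empty report means the running firewall matches what will be loaded after a restart; `firewall-cmd --reload` applies permanent-only entries and `firewall-cmd --runtime-to-permanent` saves runtime-only ones.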

Root Cause

  • Verify that interfaces are added to the correct zones and that the specific services are
    allowed to provide access to the server while firewalld is running.


This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.