Set up Firewalld on Centos 7 - HostAfrica - Secure your VPS today
+27 21 554 3096

Blog

Set up Firewalld on Centos 7

Set up Firewalld on Centos 7

Setting up FirewallD on CentOS 7 is a relatively easy and straightforward process. FirewallD is a firewall management tool that CentOS 7 servers offer by default. It provides a dynamic managed firewall with support for network/firewall zones.

How to set up FirewallD on CentOS 7

Here we show you how to set up FirewallD on CentOS 7 if you’re running a web server, SSH on port 7022 and mail server. FirewallD uses services and zones instead of iptables rules and chains. FirewallD services are xml configuration files with information of a service entry. xml configuration files are stored in the /usr/lib/firewalld/services/ and /etc/firewalld/services/ directories.

  1. Change the default zone:

Run # firewall-cmd –get-zones to list all the available zones

Run # firewall-cmd –get-default-zone to list the default zone

Change the default zone by entering # firewall-cmd –set-default-zone=dmz

  1. Add permanent service rules for HTTP and HTTPS to the dmz zone

Run # firewall-cmd –get-services to list all available services.

Enter # firewall-cmd –zone=dmz –add-service=http –permanent

and # firewall-cmd –zone=dmz –add-service=https –permanent

  1. Open port 25 (SMTP) and port 465 (SMTPS)

# firewall-cmd –zone=dmz –add-service=smtp –permanent

# firewall-cmd –zone=dmz –add-service=smtps –permanent

  1. Open, IMAP, IMAPS, POP3 and POP3S ports:

# firewall-cmd –zone=dmz –add-service=imap –permanent

# firewall-cmd –zone=dmz –add-service=imaps –permanent

# firewall-cmd –zone=dmz –add-service=pop3 –permanent

# firewall-cmd –zone=dmz –add-service=pop3s –permanent

  1. Since the SSH port is changed to 7022, you need to remove the SSH service (port 22) and open port 7022:

# firewall-cmd –remove-service=ssh –permanent

# firewall-cmd –add-port=7022/tcp –permanent

  1. Reload the firewall to implement your changes:

# firewall-cmd –reload

  1. List your firewall rules:

# firewall-cmd –list-all

Protect your server with FirewallD

When you set up FirewallD on CentOS 7, you are ensuring a higher safety level for your server. FirewallD features graphical configuration tool (firewall-config) and command line tool (firewall-cmd). For more advice or assistance setting up FirewallD on CentOS 7, contact HostAfrica today.

Leave a Reply