Creating firewalld Rules

30 minutes
  • 3 Learning Objectives

About this Hands-on Lab

In this lab, we will install firewalld and create firewall rules to permit HTTP and HTTPS traffic in the default zone. Then, we'll verify that the rules have been applied.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Install firewalld.

To install firewalld, run the following command:

    sudo apt-get install firewalld

Identify the default zone of firewalld.

Use the following command to identify which zone is the default zone:

    sudo firewall-cmd --get-default-zone

Create firewall rules.
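  1. These rules need to take effect immediately without restarting the firewalld service, and they must also survive a reboot. This means we must enter two rules for each protocol: one without the --permanent flag, which changes the running configuration right away, and one with it, which is saved and loaded again after a reboot. The commands below name the public zone; if the previous step reported a different default zone, use that zone name instead.

    Enter: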

    sudo firewall-cmd --zone=public --add-service=http --permanent  
    sudo firewall-cmd --zone=public --add-service=http  
    sudo firewall-cmd --zone=public --add-service=https --permanent  
    sudo firewall-cmd --zone=public --add-service=https     
  2. Check to make sure http and https have been added. Run:

    sudo firewall-cmd --list-services

    • You should see http and https listed.
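
The check in step 2 only shows the running configuration, so it cannot tell whether a --permanent rule was forgotten. The script below is an added example, not part of the original lab: it compares the runtime and permanent service lists for a zone and reports any mismatch. The function names service_drift and check_zone are hypothetical, and the sample lists are constructed.

```shell
#!/bin/sh
# Added example: detect drift between firewalld's runtime and permanent
# service lists, i.e. a rule entered with only one of the two commands.

# service_drift RUNTIME PERMANENT
# Each argument is a space-separated service list, in the form printed by
# `firewall-cmd --list-services`. Prints one line per mismatch:
#   runtime-only <svc>    active now, but gone after a reboot
#   permanent-only <svc>  saved, but not active until firewalld reloads
# Returns 0 when both lists match, 1 otherwise.
service_drift() {
    # Unquoted echo collapses any extra whitespace or newlines.
    runtime=$(echo $1)
    permanent=$(echo $2)
    drift=0
    for svc in $runtime; do
        case " $permanent " in
            *" $svc "*) ;;
            *) echo "runtime-only $svc"; drift=1 ;;
        esac
    done
    for svc in $permanent; do
        case " $runtime " in
            *" $svc "*) ;;
            *) echo "permanent-only $svc"; drift=1 ;;
        esac
    done
    return $drift
}

# check_zone [ZONE]
# Runs the comparison against the live firewall, defaulting to the default
# zone. Needs firewall-cmd and sudo on the host; it is not called here.
check_zone() {
    zone=${1:-$(sudo firewall-cmd --get-default-zone)}
    service_drift \
        "$(sudo firewall-cmd --zone="$zone" --list-services)" \
        "$(sudo firewall-cmd --permanent --zone="$zone" --list-services)"
}

# Constructed sample: the --permanent rule for https was never entered.
sample_runtime="dhcpv6-client http https ssh"
sample_permanent="dhcpv6-client http ssh"
service_drift "$sample_runtime" "$sample_permanent" || true
```

On the lab server, source the script and run check_zone; no output and a zero exit status mean both sets of rules are in place.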

Additional Resources

Your supervisor has asked you to install firewalld on a new web server. You'll need to create the appropriate rules to permit HTTP and HTTPS traffic in the default zone. These rules will need to take effect immediately and survive a reboot of the server. Also, because of customer SLA requirements, the firewall service cannot be restarted.

Connecting to the Lab

Log in via SSH to the public IP address provided, using the username and password generated by the lab. Now, use the "Guide" located above the video to view the scenario and tasks to be completed.
